this post was submitted on 09 Nov 2025
367 points (96.7% liked)

Technology

76672 readers
2244 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
367
God ****** dammit, here we go again (lemmy.world)
submitted 18 hours ago by Kyrgizion@lemmy.world to c/technology@lemmy.world
114 comments fedilink hide all child comments
 

Use the "passwords" feature to check if one of yours is compromised. If it shows up, never ever reuse those credentials. They'll be baked into thousands of botnets etc. and be forevermore part of automated break-in attempts until one randomly succeeds.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Miaou@jlai.lu 0 points 6 hours ago (1 children)

If there's one thing I've always been wary of, it's the password manager browser extensions. And I've been proven right. Don't be lazy, it takes 30 extra seconds to do it manually.

Pishing detection is nice though, I'll admit.

[โ€“] sugar_in_your_tea@sh.itjust.works 1 points 1 hour ago* (last edited 1 hour ago)

There are two major threats to a password manager:

  1. Breach - if the server doesn't store the key and data is encrypted, they'll have to break the crypto
  2. Client - if the client can be compromised, they can intercept password entry

The second is much harder to mitigate, but also much harder for an attacker to pull off since they need to compromise the update delivery chain.

Whatever client you use, make sure you trust the update mechanism.