You using a password manager does not solve that this org stores your password in plain text and will email it to whatever’s on file when ANYONE clicks the forgot password button.
That’s why I always use password hashes as my passwords. So when some hacker steals the database, with all the clear text passwords, and look at my account they think somehow this password is still hashed and don’t try using it directly.
My current lemmy-password is $argon2d$v=19$m=16,t=2,p=1$Mk9RTWNESzMyWVljUGo5RA$BiGKlhzFuiWA0N78KzEmCQ
I hate passkeys, but I understand that without a password manager, they’re probably the best option. And for some god forsaken reason, like you said, most people just don’t use a password manager. I can’t even get my wife to use one, and I’ve shown her how easy it is.
A password manager does not solve this problem.
Oh it absolutely helps. Because if you’re using a password manager then every account you have should have a different password.
Most people who don’t use them just use the same password or a variation thereof for everything, making a leak much more devastating.
You using a password manager does not solve that this org stores your password in plain text and will email it to whatever’s on file when ANYONE clicks the forgot password button.
That’s why I always use password hashes as my passwords. So when some hacker steals the database, with all the clear text passwords, and look at my account they think somehow this password is still hashed and don’t try using it directly. My current lemmy-password is $argon2d$v=19$m=16,t=2,p=1$Mk9RTWNESzMyWVljUGo5RA$BiGKlhzFuiWA0N78KzEmCQ
No, but it does severely limit the damage is what I’m saying.
I hate passkeys, but I understand that without a password manager, they’re probably the best option. And for some god forsaken reason, like you said, most people just don’t use a password manager. I can’t even get my wife to use one, and I’ve shown her how easy it is.
My password manager also holds my passkeys, so I really don’t mind them.