I hate passkeys, but I understand that without a password manager, they’re probably the best option. And for some god forsaken reason, like you said, most people just don’t use a password manager. I can’t even get my wife to use one, and I’ve shown her how easy it is.
You using a password manager does not solve that this org stores your password in plain text and will email it to whatever’s on file when ANYONE clicks the forgot password button.
That’s why I always use password hashes as my passwords. So when some hacker steals the database, with all the clear text passwords, and look at my account they think somehow this password is still hashed and don’t try using it directly.
My current lemmy-password is $argon2d$v=19$m=16,t=2,p=1$Mk9RTWNESzMyWVljUGo5RA$BiGKlhzFuiWA0N78KzEmCQ
Oh it absolutely helps. Because if you’re using a password manager then every account you have should have a different password.
Most people who don’t use them just use the same password or a variation thereof for everything, making a leak much more devastating.
I hate passkeys, but I understand that without a password manager, they’re probably the best option. And for some god forsaken reason, like you said, most people just don’t use a password manager. I can’t even get my wife to use one, and I’ve shown her how easy it is.
My password manager also holds my passkeys, so I really don’t mind them.
You using a password manager does not solve that this org stores your password in plain text and will email it to whatever’s on file when ANYONE clicks the forgot password button.
That’s why I always use password hashes as my passwords. So when some hacker steals the database, with all the clear text passwords, and look at my account they think somehow this password is still hashed and don’t try using it directly. My current lemmy-password is $argon2d$v=19$m=16,t=2,p=1$Mk9RTWNESzMyWVljUGo5RA$BiGKlhzFuiWA0N78KzEmCQ
No, but it does severely limit the damage is what I’m saying.