undefined | Better HN

0 pointsstcredzero8y ago0 comments

If they are storing the password and pushing it to the connected service on the user's behalf, then they have to be able to decrypt it somehow

By storing so many passwords in one system, they made that system a high value target, all while not having the security chops they thought they had.

Password vaults should be distributed. This prevents the conglomeration of password secrets that creates a high value target. They would've been wise to have a series of password vault apps that are integrated with their system. They could have done this by leveraging Password Safe.

0 comments

jacquesm8y ago

This is by far the best argument for decentralization of almost anything that is not meant to be public. You probably will lose some of it but at least you won't lose all of it.

j / k navigate · click thread line to collapse

0 pointsstcredzero8y ago0 comments

If they are storing the password and pushing it to the connected service on the user's behalf, then they have to be able to decrypt it somehow

By storing so many passwords in one system, they made that system a high value target, all while not having the security chops they thought they had.

0 comments

jacquesm8y ago

This is by far the best argument for decentralization of almost anything that is not meant to be public. You probably will lose some of it but at least you won't lose all of it.

j / k navigate · click thread line to collapse