A moderator of a forum posted this.
5 Likes
1 Like
I’ll never understand how people can be so caviler about security especially in today’s age. I started using password managers probably 20 years ago, Roboform was my first, then Keepass, LastPass, and finally Bit Warden for the past year or two.
Every login has a random unique password. If the login is important for any reason, I’ll enable 2FA. The only time I reuse a password is if it’s a website I was forced to register with to ask a question or download a PDF etc. If the account is compromised I wouldn’t care as I’m not a regular user/contributor of the site.
3 Likes
Anyone here remember the promised “single sign on” 
- yeah? nah?.. I seem to remember IT managers (i.e. mostly IT illiterates) banging on about it being “the next big thing” in the mid 1990’s… Much like the hype around “the paperless office” in the 1980’s
It’s HUGELY ironic when I see some of my customers have a thing called “Single Sign On” (or even use a product with that name). I just had to reset THREE account passwords today for some customer of mine due to expire on Friday - and - when they expire? Guess what? There’s no way to reset them - have to log a ticket! There’s no actual way to do it when you’re using Remote Desktop - e.g. OSK and “Del” or “End” don’t work - sometimes OSK “Ctrl+Alt+Del” will popup a dialog suggesting click on “The User Tile” - WTF is that? How did I do it? I had to fire up “Active Directory Users and Groups” with my admin account to change my non-admin account password, then my admin account password, then same thing again in another “airgapped” environment.
Single Sign On would present lots of problems if your single account credentials were compromised…
I have to use MFA for most of my work stuff…
I actually used to use a USB security key to unlock my keyring in Gnome, and my Google Account in Chrome / Brave - but don’t bother these days… Google doesn’t enforce it - so I just “use another method” (email or SMS a “one time PIN”).
4 Likes