Google uploading your plain text passwords

• Previous message (by thread): Google uploading your plain text passwords
• Next message (by thread): Google uploading your plain text passwords
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 11, 2021 at 12:01 PM William Herrin <bill at herrin.us> wrote:

> On Fri, Jun 11, 2021 at 10:27 AM Michael Thomas <mike at mtcc.com> wrote:
> > Isn't that what lots of password managers do? I understand that one of
> them syncs point to point, but that has the downside that it probably needs
> to be on the same subnet.
>
> It's exactly what lots of password managers with browser extensions
> do. I don't personally use them because I don't want my passwords
> reversibly stored on a computer that I don't directly control. I have
> no great philosophical problem with their existence and use by those
> who want them, I just don't want them for myself.
>

Well, browser extensions in and of themselves scare the living hell out of
me.  It really surprises me that they aren't a major attack vector and in
the news all of the time.

But yes, I agree that even encrypted they are a *very* tempting target for
hackers, and especially foreign governments. A breach would mean that
everybody is instantly screwed since they don't have to break into
individual computers, install malware, etc.

Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210611/b88d7e82/attachment.html>

• Previous message (by thread): Google uploading your plain text passwords
• Next message (by thread): Google uploading your plain text passwords
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]