Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
"Ad targeters are pulling data from your browser’s password manager"
---
Well, fuck.
"It won't be easy to fix, but it's worth doing"
Just check for visibility or like other password managers handle it iirc: assign a unique identifier based on form content and fill that identifier only.
---
"Nearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass and 1Password. But according to new research from Princeton's Center for Information Technology Policy, those same managers are being exploited as a way to track users from site to site.
The researchers examined two different scripts — AdThink and OnAudience — both of are designed to get identifiable information out of browser-based password managers. The scripts work by injecting invisible login forms in the background of the webpage and scooping up whatever the browsers autofill into the available slots. That information can then be used as a persistent ID to track users from page to page, a potentially valuable tool in targeting advertising."
Source: https://theverge.com/2017/12/...
14 -
MFA authentication setups that don't support standard authenticator apps, like 1Password or Google Authenticator can burn.
Yes, Microsoft, I am looking at you.10 -
A friend saw me on stack overflow and said 'wow, 4,000 points - you must do this all day.' I explained that I just do it to reinforce my understanding and not really for points(although those are useful for bounties). I showed them an account with 22k and tried to show how one might choose questions for maximum points vs quick solves for noobs etc. I write overly thorough answers to try and pin-point the blind spot as opposed to just fixing other people's code. It's not often rewarded by points. My friend - conspiracist - was convinced that the 20+k accounts were cheating the system.
At my old work we had a stack overflow account just for asking embarrassing questions that you didn't want on the company record. Silly, I know. Occasionally some of the guys would use it to have fake arguments or just cause trouble for fun / vote each other's stuff up.
So - I reached into 1Password and signed into that account and showed him that you could essentially vote up your answers but that it's not likely how people get points. I voted up my last 5 personal answers as an example and made some comment like 'that is right.' And that was that. Closed the computer. The next day my account was suspended and I was reprimanded for sockpuppeting. So, - in case you think you can get away with cheap tricks - you can't, which is nice to know - but after reading the email - my face was red for hours. How embarrassing! Not quite as bad as that time I got caught stealing a G.I. Joe action figure at the mall...2 -
I'm going to praise 1Password here.
I hate creating and remembering passwords. Now I can login to everything just with a click of a button.3 -
I really should start using a password manager but I have no idea what one to choose, anyone have any input?
I'm thinking 1Password at the moment12 -
It is always great when I download a major release of a software I love and it only gets better.
1Password new version is exactly that. It took a great product and made it better integrated with the laptops I use every day.
Not really ranting... but I wish this happened more often. -
"Oh, don't use Google Password Manager. It's not safe. Use something else. [Paid]"
* proceeds in using it anyway. I don't care. I trust Google.10 -
client: "can you build out a staging server for us? here's all the code, everything you need"
me: "awesome, looking good, i have almost everything i need, just give me the credentials for the server, and I'll get started installing all the infrastructure"
client: "ok, try these!"
me: "doesn't work"
client: "this one?"
me: "doesn't work..."
client: "how about this one?"
me: "STILL NOT WORKING!!!"
imagine you want someone to do stuff on your server and you don't even know the root SSH password.... smh
why is this always a problem, use fucking 1password or something its 40 bucks a year, secure, and you can organize alllll your passwords. don't be a fucking boomer and write them on a piece of paper, or worse, apparently like my client, never know it or have it in the first place.5 -
I think I've just fallen in love with 1Password
Locally synchronized vault, command line integration AND the desktop app is written in Rust?
Hooo boy11 -
The guy worked 4 days building a nice challenging feature.
Fucking spend 30 more minutes to write a documentation on how it works bc is like you did nothing. -
Why is the 1password login process so shitty? You need 4 different inputs, and every time you login it forces you to download the same PDF you have saved 10 times. there's no skip option, and it doesn't memorize that you have already freaking downloaded it.
on top of that, my company has restricted the accounts to not reset their password on their own. How the hell this helps a company? Why this option even exist?
I mean I have to DM my manager: Sorry dude, I'm so clumsy that I have accidentally deleted my password, can you initiate a reset password process so I can have access to 1password? -
I'd appreciate some viewpoints on this one. I've been wanting to use a password manager. LastPass or 1Password?4
Top Tags
Weekly Rant
View