"NCSC urges using 3 random words as passwords" <-- No mention of password managers, even as an option? (cc @troyhunt, @thorsheim)https://twitter.com/NCSC/status/1119741543190028288 …
-
-
Replying to @jleyden @thorsheim
They’ve certainly been very supportive in the past:https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers …
1 reply 0 retweets 1 like -
Replying to @troyhunt @thorsheim
Yup. I suspect the message here is to discourage some consumers from using football team names etc. as passwords rather than cooling on password managers. There again maybe bugs discovered by the likes of
@taviso have shifted the calculus?2 replies 0 retweets 2 likes -
I can’t think of any bug that would cause a reasonable person to discard their password manager and revert to reusing weak, memorisesd secrets
3 replies 2 retweets 11 likes -
Those are not the only options, you could switch to a safe password manager or use a notebook. Security doesn't begin and end with passwords, It is not "reasonable" to continue using software you know to be dangerously broken!
3 replies 0 retweets 17 likes -
This Tweet is unavailable.
-
I've reported a ton of vulnerabilities, but many are still poorly designed, for example running as content scripts. That means just a single renderer bug is enough to access all your passwords, those are super cheap, common and easy to find... that's why there's a sandbox.
0 replies 0 retweets 0 likes -
This Tweet is unavailable.
I can't list all the ones that are poorly designed, I can tell you some I know that are competent: KeePass and KeePassX are both good choices.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.