this post was submitted on 06 Dec 2023
148 points (96.8% liked)
[Outdated, please look at pinned post] Casual Conversation
Just automate it and gate it behind a strong passphrase and 2 factor the vault you use
https://github.com/Bubka/2FAuth
https://www.makeuseof.com/what-is-password-vault/
https://nerdschalk.com/8-best-self-hosted-password-managers/
https://www.hashicorp.com/resources/painless-password-rotation-hashicorp-vault
I know HashiCorp has ruffled some feathers with the new Terraform licensing, but Vault is still free and self-hosted.
I think you're missing the point. It doesn't matter how good an individual's security practices are if the system itself has bad security architecture.
So in your post you refer to, for example, an admin at Microsoft headquarters having to change his password, not the user of one of Microsoft's services being forced to change their password?
I am generally more annoyed at the second bit, the user having to change their password. Both are problems, but internal policies for changes are usually documented and communicated.
Having to change the service's password is just a few buttons in the password manager, but it helps mitigate brute force attacks and limits the attacker's access to the validity period of the password. So that's very beneficial.
It doesn't matter how good an individual's security is, it's the system that's a problem. Passwords are not often compromised through brute force. Password resets are a much more efficient entry method.
https://pages.nist.gov/800-63-FAQ/#q-b05