|
|
|
|
|
|
by mechanical_fish
4698 days ago
|
|
|
Justin Schuh had a nice capsule summary of some available techniques for compromising logins: https://news.ycombinator.com/item?id=6166731 - dump all your session cookies - grab your history - install malicious extension to intercept all your browsing activity - install OS user account level monitoring software The last one could plausibly work, in combination with "grab a copy of the encrypted 1Password key file", to compromise all the 1Password stuff. The others essentially work around 1Password, or so I believe. This is why there are certain passwords that I don't even store in 1Password. It's also an argument for two-factor auth. |
|
|