Leo@lemmy.linuxuserspace.show to Technology@lemmy.worldEnglish · 1 year ago1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comexternal-linkmessage-square46fedilinkarrow-up1250arrow-down18cross-posted to: technology@lemmy.mlnews@lemmy.linuxuserspace.showsysadmin@lemmy.worldhackernews@derp.foo
arrow-up1242arrow-down1external-link1Password discloses security incident linked to Okta breachwww.bleepingcomputer.comLeo@lemmy.linuxuserspace.show to Technology@lemmy.worldEnglish · 1 year agomessage-square46fedilinkcross-posted to: technology@lemmy.mlnews@lemmy.linuxuserspace.showsysadmin@lemmy.worldhackernews@derp.foo
minus-squareAnoxydre [they/them]@jlai.lulinkfedilinkEnglisharrow-up24·1 year agoExactly. Accounts are locked with both password and encryption key. The latter is not known by 1Password.
minus-squaretippl@lemmy.worldlinkfedilinkEnglisharrow-up4·1 year agoTo be accurate, they don’t know either. A login key and a decryption key are derived from password and secret key client-side.
Exactly. Accounts are locked with both password and encryption key. The latter is not known by 1Password.
To be accurate, they don’t know either. A login key and a decryption key are derived from password and secret key client-side.