I use bitwarden as my password manager. Since I lost my stupid crappy phone to poor construction late last year, and started using my mom's old phone, my password manager had been unused, as I forgot the master password. Twenty minutes after I reset the master password three days ago, I discovered it was right there in the browser. Which is fine, whatever, because that was also an excuse to change all the important passwords of mine, including banking websites etcetera. Apparently the password I'd been using for the past 15 years was compromised at some point, and since I used various variants of it throughout, I could have been in a tricky situation. But now that they've been changed, I feel comfortable and safe.
Changed the bank passwords, changed most 'social media' passwords, even sketchy internet service providers that I never hope to use again. Feel comfortable that my identity is slightly less likely to be stolen, with all the notifications and what not.
On the other hand, knowing what I know about how far evil people will go to extract other people's personally identifying information to extract details to swindle them or steal government's money from them, every piece of private information on me is probably for sale in the dark markets already. Though my whole threat model is designed to fight that. I'm not afraid of somebody looking over my shoulder as I type my password, or somebody seeing my password in plaintext as I type it in the browser. I'm afraid of evil people who will use it for gaining unemployment benefits, or government funding, or anything that they don't deserve. A hard password will make life harder for them, and so will two-factor. Just wish all the companies and government agencies had their game better.
No comments:
Post a Comment
Tell me what you think. I'll read, promise.