Memes

45180 readers

1627 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

[email protected]

1301

Add-on: same password, same identity. (lemmy.world)

submitted 10 months ago by woshang to c/[email protected]

173 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] qqq 1 points 10 months ago

This is not necessarily true.

For example, consider the case of a 1Password vault falling into the hands of an attacker. They do not have the option to just crack your password, as the password is mixed with a randomly generated value to ultimately derive the key. They would need to simultaneously brute force your password and that random value. This should almost be impossible. However, given access to a client that already has knowledge of the secret value, it would fall back to brute forcing the password.