EvaPour one out for all of the security practitioners who are going to have to spend the holidays patiently explaining that using a password manager is still good, actually, to people who have glanced at a headline about the latest LastPass breach.
Stuart Schechter@evacide Pour one out for the usability researchers who are going to spend the holidays patiently explaining to the rest of the security community how all password managers fail users at the master-password creation step.
Hutch@MildlyAggrievedScientist @evacide I honestly don't know what's lacking, how would you improve that?
@hutchinsonmini @evacide they could train users to learn a strong master password or remove the need for a memorized password entirely.
See more in this thread:
https://mastodon.social/@MildlyAggrievedScientist/109570067261307863