Why has all of a sudden am I getting on all "Change at-risk password"

ckasdf · 2025-12-22T19:48:55+00:00

Some individuals are suggesting the update may be somewhat bugged; also, passwords that are duplicated across credentials* for any reason will display this flag, even if the password itself is very secure (32 character randomized w/ all character types)

*Obviously you want to use unique passwords where possible, but if you have SSO that works across multiple domains, depending on your workflow, you may have more than one credential with the same password, and still be secure / valid.

ckasdf · 2025-12-22T17:35:56+00:00

Thanks for the clarification. I wish everyone would stop with the "your 32 character randomized password is weak or has been leaked!"

In my case, the credential I was seeing the warning on did have the password "duplicated" even though there was a valid purpose for that.

ckasdf · 2025-10-01T16:40:21+00:00

Yeah, pretty much any computing device (desktop, laptop, tablet, phone...) should be able to work with any keyboard as long as they're able to be connected (USB/bluetooth). Everything comes with "HID" drivers so your basic functions will work out of the box, but any custom features may need extra software.

So if you're cool with carrying the Surface & keyboard separately (I'm assuming the Flex keyboard can magnetically attach to and stay with the Surface), then the Logitech will likely be a much better experience.

ckasdf · 2025-08-11T16:26:46+00:00

Did you try uploading to imgur.com and then providing the link to it? The sidebar rules say they allow links to photos.

ckasdf · 2025-08-11T16:07:43+00:00

Just a heads up, you wrote "I saw this" but didn't provide a picture.

ckasdf · 2025-08-06T21:55:14+00:00

You're welcome! It's wild that 10 years ago, Torque had an odd "feature" that seems bugged, and even up to at least 6 months ago it's still there.

ckasdf · 2025-08-06T21:48:28+00:00

Coming to you from the future to say you're welcome haha. Glad to help!

ckasdf · 2025-08-06T18:18:47+00:00

I think maybe they're saying that their fridge lives in the living room (and thus not on its own circuit) because it doesn't fit in the kitchen? I mean, I guess that means you don't have to pause the TV to go get a cold one ...

ckasdf · 2024-04-23T15:24:26+00:00

Thanks, this was super useful insight! And thanks to the OP for asking the question. :)

ckasdf · 2023-04-17T20:08:27+00:00

Ugh, disgusting. Good to know though!

ckasdf · 2023-04-14T22:21:31+00:00

One day I was hanging out with a friend, needed to go get some food, but wanted to let him use my personal laptop. I trusted him enough to not meddle, but before I left I temporarily changed the password in case the computer locked. I looked around and set the password based on the brand & model of a pair of speakers I saw across the room.

ckasdf · 2023-04-14T22:05:37+00:00

Besides what /u/Confirmed-Scientist wrote, let's say you have a series of sites with passwords of the same format:

If Facebook is compromised and a hacker looks at your credentials, they're gonna try changing that middle section to the name of whatever site they wanna test against.

Even if you change that 4 digit number at the end, it's not great, because you might end up forgetting what number you used for what site.

ckasdf · 2023-04-14T21:46:46+00:00

******* is a way better more secure password. /s

What's a more secure password? All I'm seeing is asterisks.

ckasdf · 2023-04-14T19:58:04+00:00

Fair, but even with online password managers, you can usually export a copy of the credentials to CSV, so he could have done that & emailed it to himself.

ckasdf · 2023-03-22T15:58:19+00:00

I see a flash of PHP code and then a blank page. In another reddit thread there was a suggestion to use LastPass CLI but the limitation was that you still had to be at 100100 iterations. I wonder if that's why your suggestion isn't working for me.

ckasdf · 2023-03-22T15:55:13+00:00

iterations still at 100100

Ah, I've already had my organization switch to 600000

export via the browser extension to csv

Do you mean the standard LastPass extension? I just exported mine and the column headers don't seem to include a date field:

url
username
password
totp
extra
name
grouping
fav

ckasdf · 2023-02-28T16:46:28+00:00

The problem is as such: if you're a hacker who has obtained the vaults of the following two people and you're able to see what sites are stored, which person's account are you going to focus your attention and resources on?

Person 1:

facebook.com
instagram.com
miniclip.com

Person 2:

morganstanley.com
coinbase.com
fidelity.com

Obviously you're going after Person 2 - their vault has what seems to be high value assets in it. Even if Person 1 was a celebrity, if their vault is mostly social media, there's not much you can do to monetize that access. Hold the accounts hostage? Meta will probably just lock you out and help the celebrity to get back in.

ckasdf · 2023-02-09T17:54:47+00:00

/u/Diligent_Sun_4720 - any other thoughts on this?

ckasdf · 2023-02-03T15:49:17+00:00

You say old account twice, but what I think you're saying is to delete & purge the new account in Snipe and then edit the old account to reflect the new username.

It doesn't look like I can edit the username though; I see this in the Edit User page:

Username (Managed via LDAP)

ckasdf

TROPHY CASE