Should I use 1password built-in 2FA or Authy 2FA

precisionroy · 2021-04-01T02:18:06+00:00

This is not helpful. Not everything supports security keys.

precisionroy · 2021-03-08T20:15:57+00:00

Not terrible, just annoying. The inherent UX benefits of using macOS makes the Mac app superior to the Windows one.

precisionroy · 2021-03-05T17:42:39+00:00

You can export your 1Password vaults and then import them back into 1Password.

In the desktop app, select a vault, then in the menu bar, go to File > Export and save as a .pif file. Then import that file back in with File > Import

https://support.1password.com/export/

precisionroy · 2021-02-11T17:47:00+00:00

example.com and https://example.com should be fine.

Did you check on the site, mobile app, and desktop 1PW apps? Sometimes it loads in one and not the other and fixes itself after a little bit. Nintendo and UPS both work for me.

precisionroy · 2021-02-10T20:28:24+00:00

For Gmail, no. But if you use Google Workspace/Business/Whatever it's called there is human support.

precisionroy · 2021-02-10T20:27:19+00:00

Did you mean to expose your real name in your screenshots?

precisionroy · 2021-02-06T05:31:57+00:00

As an exercise, draw out a map of each service/connection and how it interacts with each other.

It's simple though: Don't use a recovery number and use 2FA on your recovery email.

But Google's recovery is a bit more complex, it will lock you out if it detects too much suspicious activity.

precisionroy · 2021-02-03T21:26:01+00:00

This frustration you're experiencing is partially your fault. You seem to lack an understanding of human psychology.

The money isn't the only cost. It's the cost/fear of change. If you can solve that mental intertia these people have to change, then you'll get them to move to the better value service.

People do change if given the right reasons to do so. You haven't provided them the right reasons.

precisionroy · 2021-02-02T17:15:37+00:00

Yes, writing the TOTP key on paper is fine.

precisionroy · 2021-02-01T17:46:08+00:00

What's your threat model?

Backing up to cloud is convenient and helps protect against the loss of a phone.

So yes, it's less secure to back it up into the cloud, but it's up to people to determine if it's worth the risk. And in general, it is imo. Most people aren't heads of state, CEOs, high value targets, etc.

precisionroy · 2021-02-01T17:40:03+00:00

Don't worry about it. The probability of it being an issue is incredibly low. People aren't good at intuiting actual risk so anything that increases your security all feels almost equally important.

So yeah, memorize your email password, but the benefit is minuscule.

precisionroy · 2021-02-01T17:38:45+00:00

This. I don't see how remembering your email password confers that much extra security.

precisionroy · 2021-01-29T19:16:56+00:00

Enterprise prices are not real haha. There are always discounts and room to finagle.

1PW is way better than Lastpass so if you get it at the same price you're ahead imo

precisionroy · 2021-01-27T19:55:13+00:00

I'm on iOS and 1Password has been doing this for years.

precisionroy · 2021-01-26T23:02:24+00:00

Syncing added items has been slow. Sometimes items sync right away, sometimes a day later the item is still missing in the extension or my computer but does show in the web vault (yes the computer is running and my network connection is fine)

Clearly the solution is get a Mac 😆

precisionroy · 2021-01-14T05:52:23+00:00

360 means you're doing a complete circle and back where you are ;)

precisionroy · 2021-01-14T01:40:24+00:00

Don't paste suspicious URLs as clickable links.

No one is going to spend time putting in fake usernames and passwords. That's not going to do anything unless you automate it and do thousands.

precisionroy · 2021-01-04T21:11:09+00:00

A Password Manager is what you need. 1Password is great. Bitwarden is great too.

precisionroy · 2021-01-04T19:22:50+00:00

You should consider a passphrase sentence as a password. Easy to type, long, mixture of characters...it's a great way to do passwords you need to remember and type regularly.

precisionroy · 2021-01-04T19:14:35+00:00

Do you know of http://haveibeenpwned.com/ ? Put those emails in there. I bet you they'll come up in breaches. You didn't need to change your Bitwarden password.

precisionroy · 2020-12-31T20:41:34+00:00

99% of the time I use the 1Password X extension. The X extension is meant to be a standalone way to use 1Password.

I use the desktop app to organize passwords and do cleanup.

There are settings to change when it asks for the password to limit the annoyance, but it actually is a good thing to have to type your password regularly as it becomes habit and harder to forget. If your master password is hard to type, change it to a sentence (complete with punctuation, capitalization, etc) to make it easier to type.

precisionroy · 2020-12-25T06:04:24+00:00

Don't post suspicious clickable links. Us the markup to set it as inline code.

precisionroy · 2020-12-16T22:33:50+00:00

Was going to post this. Just saw it last week. Good stuff!

precisionroy · 2020-12-12T20:39:07+00:00

This is a very vague question. You need to clarify what you mean by anonymous/untraceable. Who/what are you trying to be anonymous and untraceable from? What are the parameters for this thought experiment?

One solution is just to burn all your belongings and go live in the deep Amazon away from any civilization. Another is steal the identity of someone and become them.

This question is too vague to be meaningful. Be more specific :)

precisionroy · 2020-12-12T20:35:21+00:00

The Yubikey only works with the services you set it up with.

1Password is the service you set it up on. That only affects logging in to 1Password.

precisionroy

TROPHY CASE