I just got the email from haveibeenpwned. F Trello.

  • @CosmicTurtle@lemmy.world
    link
    fedilink
    English
    2511 months ago

    Yes but this wasn’t a data breach. This was a data stuffing incident, meaning they took someone else’s data dump and tried their email and credentials here.

    • never use the same username and password in two or more places
    • always use MFA, a hard token if you can like a yubikey
      • @brian@programming.dev
        link
        fedilink
        English
        211 months ago

        all the root secrets are available in plain text the generator app at some point, they have to be. moving that to a single purpose device greatly reduces the risk of vulnerabilities in your phone leading to exfiltration via internet connection

      • @Kayel@aussie.zone
        link
        fedilink
        English
        111 months ago

        I cannot think of a use-case outside of statecraft. Maybe companies engaged, or being engaged, in corporate espionage.

    • @Paragone@lemmy.world
      link
      fedilink
      English
      -811 months ago

      Do you own a Yubikey?

      Have you ever succeeded in getting it to work with anything??

      It didn’t work with gmail, or any other online account I had.

      An absolute waste of $$.