this post was submitted on 07 Jun 2024
454 points (97.5% liked)
Technology
59534 readers
3195 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It barely matters if the database is encrypted or not. If the user has access to it, they have the keys to it, and so would anybody else with access.
The real danger is that intruders will have access to your entire history from before they had access to your machine, and it's all in one place.
With easily searchable text, search for "bank" and get all accounts login. Yay no need to wait for the hacked user to get on his banking site he's been there before. Quick in and out without being noticed and you got all you need to empty his account. Thanks Microsoft I knew you where so helpful to hackers while making my life shittier all the while.
Every banking site I've been on jumps through all sorts of hoops to make sure the browser doesn't save the password, usually with some 2FA thrown into the mix.
But I'd imagine that a lot of older people have a helpful passwords.txt file sat smack bang in the middle of their desktop, or just use the same one for everything. I mean, we're in an age where you need a username and password to update your graphics drivers for some godforsaken reason. It's not going to be hard to find that The One True Password with access to this.
I've encountered IT departments with an unencrypted passwords.xlsx file that they store on the network. Not always super small companies too.