Sometimes, making particular security design decisions can have unexpected consequences. For security-critical software, such as password managers, this can easily lead to catastrophic failure: In this blog post, we show how Bitwarden’s Windows Hello …
It's the flaw of the app that doesn't lump together crossposts; the web UI will just show one post. Besides, some people browse subscribed only, and a small instance will need some work to have a lot of communities show up.
So if I understand correctly, if the user had enabled Windows Hello, then there is an (intended) "backdoor" access to Hello credentials by the Domain Admin?
And this has now been resolved by Bitwarden because Microsoft says it was intended behavior.