• 4 Posts
  • 7 Comments
Joined 1 year ago
Cake day: July 2nd, 2023
  • zahel@lemmy.worldtoReddit@lemmy.worldJoey for Reddit went down today
    3·
    1 year ago

    You can circumnavigate it.

    Just use revanced to patch sync to use a personal API key.

    Or compile an open source client like infinity to use your own api key. It’s free and you can continue to use the apps.

    It doesn’t screw anyone over because at least for now, Reddit gives free api keys to users (with limitations most users wouldn’t exceed) - they can’t even tell what the app actually is.

    But there’s no reason to believe they won’t eventually remove free api access for users as well. You can do what you want, but it’s a sinking ship hoping to use third party apps long term.

    Especially since the apps are no longer being developed, if reddit makes a change the app can’t cope with, bam. done. It’ll work for now though.

    Personally for me, it’s easier to just cut that chord now.

  • zahel@lemmy.worldtoAndroid@lemmy.worldOpinion - What are your thoughts on password managers? Do you use one? Would you recommend it to others?English
    64·
    1 year ago

    The way that Bitwarden stores your data, it is encrypted as a blob on AWS. If anyone compromises Bitwardens infrastructure, they can’t do anything because even Bitwarden doesn’t have the keys to decrypt your vault.

    Your vault can only be decrypted with your master passwords, and decryption happens locally, on device. No decrypted information is sent over the internet.

    As far as someone gaining access to your master password and this all other passwords stored in the pass manager, that is why 2 factor authentication exists.

    I could give you my Bitwarden master password right now, but that won’t help if you don’t also have my 2fa code.

    And that’s just talking about using the hosted version of Bitwarden.

    If you self host, you don’t even have to have the app available to the public internet, and can access it purely through a vpn to your LAN.

    Then the attacker would not only need to have access to your local network, also know your master password, and have access to your 2fa.

    If they know that much about you, you have larger concerns.

    So in short, your concern is mostly addressed and not really a concern if you utilize the features provided, such as 2fa