FYI!!! In case you start getting re-directed to porn sites.
Maybe the admin got hacked?
edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.
Post discussing the point of vulnerability: https://lemmy.ml/post/1896249
Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895
It’s buggy and missing some key checks to make sure it’s working when you set it up.
Real risk of locking yourself out of your account.
oh, really? maybe i’ll turn mine off then…Thanks for the heads up!
Mostly a risk on initial setup.
I’ve been waiting a bit for it to stabilize and just using huge random passwords
If you’re using a password manager you’d be doing this for every site and without even having to think about it. Bitwarden is a great choice.
I like KeePass. Bitwarden currently has an nginx exposure in the Dockerfile published in their git repo (may have been fixed since a couple of days ago). That said, I used Bitwarden for many years and switched out of an abundance of paranoia, and am definitively not recommending against it. Just basically use one of the following:
And stay far the fuck away from LastPass
my uni is currently still recommending lastpass as of now, tho I’ve heard they might be looking for alternatives …
LastPass has had a few security incidents lately. I do not trust them at all.
KeePass +1
Oh I do. Used Bitwarden for many years.
I actually use keepass for totp codes too.