Wait, is bitwarden seriously peddling shit about having a difficult to guess username? They're not passwords, they're nonsensitive handles that are displayed in all social apps ffs...

> Say, for instance, your name is Jane Doe and you use janedoe as the username for your account. If a hacker knows your first and last name, a couple of quick guesses (say janedoe or jdoe) and they're halfway to accessing your account

I would not hire this person to do anything with security.


passwords and two factor are the only things that help with account security and I can't believe we're clouding the topic when we can't even get people to do that


> halfway to accessing your account

If your password is easier to guess than your username, there's something horribly wrong.

@rune To be fair, there are some risks to user enumeration: it helps attackers find valid accounts that they can go and probe for weak passwords. But the solution to that isn't a strong username, it's a strong password. 🤦

Sign in to participate in the conversation

Mastodon Community of Denmark (MCD) for Danes and other people to talk about Denmark or whatever.