Wait, is bitwarden seriously peddling shit about having a difficult to guess username? They're not passwords, they're nonsensitive handles that are displayed in all social apps ffs...
I get so fucking tired..
https://bitwarden.com/blog/how-to-use-the-bitwarden-username-generator-and-why-you-should/
> Say, for instance, your name is Jane Doe and you use janedoe as the username for your account. If a hacker knows your first and last name, a couple of quick guesses (say janedoe or jdoe) and they're halfway to accessing your account
I would not hire this person to do anything with security.
passwords and two factor are the only things that help with account security and I can't believe we're clouding the topic when we can't even get people to do that
@rune To be fair, there are some risks to user enumeration: it helps attackers find valid accounts that they can go and probe for weak passwords. But the solution to that isn't a strong username, it's a strong password. 🤦
@rune
> halfway to accessing your account
If your password is easier to guess than your username, there's something horribly wrong.