1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to its Okta ID management tenant.
If a user was social engineered, not very tech savy to catch on to it and revealed the master password, you’d only need to guess the encryption key, no?
It’s not as simple as brute forcing the password, it’s also encrypted using a secret key. You essentially have 2 factor encryption on the vaults.
If a user was social engineered, not very tech savy to catch on to it and revealed the master password, you’d only need to guess the encryption key, no?
Yes, but the encryption key is very likely more secure than the users password to begin with.