is there even a point to have sso when one has a password manager that autofills login forms?
-
is there even a point to have sso when one has a password manager that autofills login forms?
-
is there even a point to have sso when one has a password manager that autofills login forms?
@hypha@cafe.mycelium.locahlo.st i personally don't think, does't sso just create a primary attack vector instead?
though i would also say that the argument brought up in its post is not very effective because many people do not use password managers. (i experience this at work regularly) -
@hypha@cafe.mycelium.locahlo.st i personally don't think, does't sso just create a primary attack vector instead?
though i would also say that the argument brought up in its post is not very effective because many people do not use password managers. (i experience this at work regularly)@Johann150 mhm, unsure on how to parse the first part of the reply
but for context that’s for personal use, only for that one, not for work or whatever
-
@Johann150 mhm, unsure on how to parse the first part of the reply
but for context that’s for personal use, only for that one, not for work or whatever
@hypha@cafe.mycelium.locahlo.st what i meant with the first part is that instead of having to attach individual applications you only have to (successfully) attack the SSO provider and then that would allow you access to all the applications connected to it, right?
if its only for private use, i.e. there is only one user, then yes, my 2nd point is moot.
