Technically yes. But of course they would (and can’t really) do that. But you could also eat stuff like roadkill and it’s vegan. Veganism as a moral philosophy has nothing to do with food, it’s about respecting and granting animals the same rights as humans (as far as applicable, not stuff like voting).
Depends on the uses. Food Theory did a great video about this very thing, covering preferred taste, consistency, price, protein / fat content, and bake-ability: youtu.be/df8FRfVtVNw
Lactose is simply the kind of sugar/ starch in the milk.
Only if you define vegan as to strictly avoid any animal product (and define humans as animals). A somewhat looser Definition says to avoid animal exploitation.
So a product made by a non-domesticised animal in a natural way - e.g. Penguin guano - could be seen as vegan. The animal produces it anyway and the product isn’t won through keeping the animal captive and / or “stealing” from it.
After all I wouldn’t be too strict with definitions here.
Most honey wouldn’t be vegan but perhaps an abandoned hive could be harvested. Or infertile eggs from an abandoned nest? Bits of sheep’s wool collected from a spiky bush?
Yeah sure. Maybe you could make the argument that humans should leave stuff like that for other scavengers who need the nutrients to survive, and instead opt for plant foods. But at those edge scenarios you would then also have to take into account the impact that plant agriculture has on wildlife. It’s quite possible that scavenging and gathering is the most vegan option, but seeing how it’s neither viable for a lot of people nor something that often comes up in daily life, it’s easier to just generalize vegan food as plant based.
I never got over the fact that I somehow need to trust to an absurdly high degree a proprietary software to store ALL my passwords. Is this really a good idea?
You can use KeePass, but you’ll have to figure out a way to have your password vault available on other devices (can do it by using any cloud shares, i.e. GDrive). This way you’ll be in charge of almost every aspect of your passwords. But you’ll have to take care of backups and keep everything in sync.
I read a bit into bitwarden and it seems quite good, also with browser extension etc. Maybe I will think about my stance on password managers and give it a try
I’m sorry but no. I’m physically incapable of not moving the capital letter one space and I’m not entrusting my passwords to what I’ve irrationally decided IS named KeepAss. I just can’t.
It seems bitwarden is a bit more user friendly and also quite good in terms of security and privacy related issues (FOSS as well!) . Thanks for the help!
Even if they did, there’s some really smart technology at play here. I think your paranoia here is unjustified. I felt the same way until I read about their technology. At that point I felt comfortable using their service.
Anyway, iirc, 1password is architected in a way where a breach won’t actually disclose the passwords of their users, but I’m too tired to do the requisite double-checking to verify it
You are right in a way. I always assume company sysadmins have access to company data, even if they say the opposite, and I always assume there are undisclosed data leaks. Which may seem a little paranoid.
It’s like closing your car’s door when leaving it alone: Is it paranoid to assume that always there are someone willing to steal stuff?
No, I don’t think it’s healthy to move through life in such a paranoid state. If I thought that, I wouldn’t use a password manager and that would leave several problems unsolved, chiefly I would only be able to remember a couple passwords, opening my identity up for hacking several orders of magnitude likelier to actually happen than 1password’s entire technology stack failing at its one job.
A lot of weird hate for 1Password on Lemmy the past couple days. I highly recommend reading their white paper, I think most of the hate comes from ignorance of what they are actually doing.
It’s the choice between trusting one company (or if you self host, trusting yourself) to have their security all in order and properly encrypt the password vault. Using one password for every site you use means that you have to trust each of those sites equally, because if one leaks your password because they have atrocious password policies (eg. storing it in plain text), it’s leaked everywhere and you need to remember every place you used it before.
Good password managers allow audits, and do at times still get hacked naturally (which isn’t 100% preventable). Yet neither of these should result in passwords being leaked. Why? Because they properly secure your master password so it can’t be reverse engineered to plain text, and without the master password your encrypted password vault is just a bunch of random bytes. And even in the extreme situation it did, you know to switch to a better password manager, and you have a nice big list of all the places where you need to change your password rather than trying to remember them all.
Human memory is fallible and we want the least amount of effort, because of that we usually make bad passwords. Your average site does not have their password security up to date (There’s almost a 0% chance not one of your passwords can be found here). If you data is encrypted accordingly, it doesn’t matter if it gets leaked in any way or stolen by some rogue employee, so long as they do not have your master password. So yes, I’d say that’s a good idea.
So all my passwords are locked behind a single password? Isnt this essentially the same as using the same password for every site. In that they only need to cracl o e password to have access to everything?
For example, consider the case of a 1Password vault falling into the hands of an attacker. They do not have the option to just crack your password, as the password is mixed with a randomly generated value to ultimately derive the key. They would need to simultaneously brute force your password and that random value. This should almost be impossible. However, given access to a client that already has knowledge of the secret value, it would fall back to brute forcing the password.
You should be safe as long as your master password isn’t small, less than 15 characters. The longer the password, the better. Personally what I do is use a pass phrase to make it easily memorable, and then use it as a base to inflate security somewhat artificially.
Wrap the pass phrase around in brackets or symbols; mix lower/upper case; replace (or add to) a word in your pass phrase with one from a random other language, so instead of hello you type bonjour. Bonus points if you are able to replace even a few letters in your pass phrase with fancy diacritics, or fuck it add an emoji or two.
Then again there are a LOT of other factors which go into security. Theoretically the lyrics of song are decent as a pass phrase but there’s not much point if everyone knows what your favourite song is, or if you are learning Spanish then you’ll replace the English words with Spanish.
Unless you’re in a position where you’re targeted by nations or are working extremely high profile jobs like CEO or digital security you should be safe really with all these but as I said there’s a lot to keep in mind.
2FA is in the name, 2 factor authentication. A “factor” can be considered as proof that you are who you are. The more the factors provided, the more concrete proof the system has that the user is legitimate.
What a factor is is a more complicated. It can be broadly put in 3 categories (there’s more but we’ll ignore for now) :
something you know, like a PIN/password
something you are, like biometrics/eye scanning
something you have, like an ATM card or phone
The 2FA you are thinking of is probably the 1st (a password you know) + a PIN sent to or generated by something you have (a phone). If the 2nd pin was some you had created by memory like a password rather than a remote system generated one then it would be considered same as the first factor, it wouldn’t be multi factor.
So yeah it’s important that you keep both factors as secure as possible. A good password + a phone to generate TOTPs. I mean theoretically you can keep a password of ABC and keep 2FA on so hackers wouldn’t be able to get into your system but let’s follow best practices yeah? Use a password generator to make complex passwords for a login and enable 2FA.
In theory, yes but if you use a good password manager and have a strong master password the encryption should be practically impossible to break. The fact that you only have to remember one password means that this password can and should be a very strong one. 20+ characters with upper and lowercase letters, numbers and symbols should take centuries to crack.
The danger of using the same password everywhere is from leaks caused by poor security in one of those sites.
Passwords getting leaked are almost always unrelated to how strong the passwords are and has more to do with how those password are stored, and what protection measures they have against unauthorized people accessing them.
No one is ever going to “crack” your single password for your password manager as long as it is a strong password, though you might write it down in your wallet and lose it in a busy station, just like some administrator of a website might forget to close outside access to their mysql database containing unencrypted plaintext passwords.
I have been wondering as of lately, I’m an old Bitwarden user and I use their generated passwords which are just a random mess for my eye, anyway when a leak occurs I usually tend to type my known passwords to match it with the leak lists, but now all this being auto generated and I be totally clueless of which is which, how would I ever notice if one of those more secure passwords are leaked?
Does Bitwarden let you know of leaked passwords as Chrome and I think Firefox does? Because I don’t recall having this info in hand.
This shouldn’t happen unless you overcook your pasta. When the water starts boiling, toss in some salt and then the pasta. Wait for length of time on the pasta package. Then remove from heat and drain. If it still gets sticky, buy a better quality pasta.
It’s great. I started working in the factory in 2015. Don’t have to play that many other games anymore and runs well on older hardware. It has saved me a lot of money because of these 2 reasons.
memes
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.