Is it more secure to use Google's SSO for login or mail + pass + lastpass?



  • As the title states 🙂 thanks!


  • - Ambassador -

    @Biberkopf , I don't think SSO is more secure or private in any case. Apart from the fact that Google is not exactly privacy-oriented, a supposed hacker only needs a single log in data to have access to all the related ones. SSO is only more comfortable, but less security.


  • - Ambassador -

    100% on what @Catweazle said about "comfortable, but less security".
    You can almost tell by how inconvenient things are for you, how secure you're being. That can extend to privacy as well.


  • - Ambassador -

    @KSB , online privacy and security are synonymous. Just like in real life, go with a sign with the address and personal information in a neighborhood of dubious reputation.


  • - Ambassador -

    @Catweazle They aren't the same thing. Like with your example, if you know where someone lives - that information isn't private. Security is not being able to break into their home.
    Anonymity is also a different thing. Traffic all coming from one VPN server (without additionally provided information) makes you anonymous because so many ppl are traversing to a particular website from said vpn server, you can't tell them apart. What they're doing isn't private because a web host can see their activity but not know one individual from another.


  • - Ambassador -

    @KSB , I do not think the same, just as it is not advisable to go on a trip having a label with your address on the suitcase, as some have. Nor to announce it on FB when you go on a trip.
    Some people find this type of information very useful, to know when a house is empty.
    On the internet we often expose data with a carelessness, which in real life we ​​would never do. What is much worse at heart, in real life could be seen by a few of our environment, online can be many thousands, not all well-intentioned.


  • - Ambassador -

    @Catweazle No mistake: I think security, privacy, and anonymity should be exercised. I just think your definitions were a bit skewed.


  • - Ambassador -

    @KSB , it can be, but I prefer to put care before regret. In the network I don't trust my own shadow.



  • Anything Google is insecure by any standard.

    Google is an advertisement company that makes money by reading your emails, analyzing the videos you watch on Youtube and searches you make on Google Search and selling your data to 3rd party companies.

    LastPass is also a private company that has no legal obligation to protect you. It can get hacked like any other company. You do a big mistake by trusting a random company with your passwords. Use a local software like KeePass.

    So my answer is no.


  • - Ambassador -

    @RichardDick , a password manager is recommended, as long as you do not have the master password on a post-it attached at the monitor.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.