MastodonTech.de

nemo™ 🇺🇦🚨 New vulnerability alert! 🛡️ Researcher Marek Toth reveals that browser extensions of popular password managers can be exploited via DOM-based clickjacking to steal your access data. Several managers have patched it, but update yours now & follow best practices for protection! 🔐🖥️ <a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mas.to/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mas.to/tags/DataTheft" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataTheft</a> <a href="https://www.heise.de/en/news/Password-manager-Browser-extensions-can-enable-data-theft-10573607.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Password-manager-Browser-extensions-can-enable-data-theft-10573607.html</a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#newz</a>

knoppix⚠️ Major password manager extensions—1Password, Bitwarden, LastPass, Enpass, iCloud Passwords & LogMeOnce—are vulnerable to clickjacking attacks that risk exposing login credentials & sensitive data. 🔐🕵️‍♂️Bitwarden patched the flaw ✅; others lag behind. Users should update extensions & disable autofill until fixes. 🛡️🔄<a href="https://1password.social/@1password" class="u-url mention" rel="nofollow noopener" target="_blank">@1password</a> <a href="https://fosstodon.org/@bitwarden" class="u-url mention" rel="nofollow noopener" target="_blank">@bitwarden</a> <a href="https://www.techspot.com/news/109149-lastpass-1password-bitwarden-extensions-vulnerable-clickjacking-attacks.html" rel="nofollow noopener" translate="no" target="_blank">https://www.techspot.com/news/109149-lastpass-1password-bitwarden-extensions-vulnerable-clickjacking-attacks.html</a><a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://mastodon.social/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://mastodon.social/tags/1Password" class="mention hashtag" rel="nofollow noopener" target="_blank">#1Password</a> <a href="https://mastodon.social/tags/Bitwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bitwarden</a> <a href="https://mastodon.social/tags/Browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#Browser</a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechNews</a> <a href="https://mastodon.social/tags/Clickjacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Clickjacking</a> <a href="https://mastodon.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tech</a>

toooobeeee :verified:I går var jeg i en købmandsbutik langt ude på landet på Mors. Ved kassen foran mig stod en ældre dame ( nej hun var faktisk gammel!) som ikke kunne betale det hundefoder hun havde i kurven, fordi hun ikke kunne huske PIN koden til hendes Dankort. Ekspeditienten kunne hjælpe: de havde simpelthen en liste med PIN koder fra deres trofaste gamle medborgere! <a href="https://social.linux.pizza/tags/dankort" class="mention hashtag" rel="nofollow noopener" target="_blank">#dankort</a> <a href="https://social.linux.pizza/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> <a href="https://social.linux.pizza/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a>

maschmiDOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft<a href="https://thehackernews.com/2025/08/dom-based-extension-clickjacking.html" rel="nofollow noopener" translate="no" target="_blank">https://thehackernews.com/2025/08/dom-based-extension-clickjacking.html</a><a href="https://mastodon.social/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a> <a href="https://mastodon.social/tags/clickjacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#clickjacking</a>

XabiOkerreko webgunean click egin eta zure pasahitz guztiak arriskuan egon daitezke.Kontuz pasahitz kudeatzaileen nabigatzailerako pluginekin.<a href="https://thehackernews.com/2025/08/dom-based-extension-clickjacking.html?m=1" rel="nofollow noopener" translate="no" target="_blank">https://thehackernews.com/2025/08/dom-based-extension-clickjacking.html?m=1</a><a href="https://mastodon.eus/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.eus/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#2fa</a> <a href="https://mastodon.eus/tags/mfa" class="mention hashtag" rel="nofollow noopener" target="_blank">#mfa</a> <a href="https://mastodon.eus/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a> <a href="https://mastodon.eus/tags/pasahitzak" class="mention hashtag" rel="nofollow noopener" target="_blank">#pasahitzak</a>

NathaAre you using a password manager from <a href="https://1password.social/@1password" class="u-url mention" rel="nofollow noopener" target="_blank">@1password</a>, <a href="https://fosstodon.org/@bitwarden" class="u-url mention" rel="nofollow noopener" target="_blank">@bitwarden</a>, <a href="https://birdsite.slashdev.space/users/dashlane" class="u-url mention" rel="nofollow noopener" target="_blank">@dashlane</a>, <a href="https://fosstodon.org/tags/EnPass" class="mention hashtag" rel="nofollow noopener" target="_blank">#EnPass</a>, <a href="https://fosstodon.org/tags/iCloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#iCloud</a> Passwords, <a href="https://infosec.exchange/@KeeperSecurity" class="u-url mention" rel="nofollow noopener" target="_blank">@KeeperSecurity</a>, <a href="https://fosstodon.org/tags/LastPass" class="mention hashtag" rel="nofollow noopener" target="_blank">#LastPass</a>, <a href="https://bird.makeup/users/nordpass" class="u-url mention" rel="nofollow noopener" target="_blank">@nordpass</a> <a href="https://mastodon.social/@protonprivacy" class="u-url mention" rel="nofollow noopener" target="_blank">@protonprivacy</a> or <a href="https://bird.makeup/users/roboform" class="u-url mention" rel="nofollow noopener" target="_blank">@roboform</a> ? Then you better check this and make sure that your web browser extension is up to date: <a href="https://marektoth.com/blog/dom-based-extension-clickjacking/" rel="nofollow noopener" translate="no" target="_blank">https://marektoth.com/blog/dom-based-extension-clickjacking/</a><a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://fosstodon.org/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://fosstodon.org/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> <a href="https://fosstodon.org/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a>

passboltThe 20i FOSS Awards are here! 🎉If you value free, open source, self-hosted tools, this is a great moment to show your support. Passbolt is running for the Best Open Source Password Manager, and your single click can help us win this year. But hurry! Voting ends on September 1, 2025.Vote here 👉 <a href="https://www.20i.com/foss-awards/category/password-manager" rel="nofollow noopener" translate="no" target="_blank">https://www.20i.com/foss-awards/category/password-manager</a>Thank you for your continued support and contribution. ♥️<a href="https://mastodon.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.social/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfHosted</a>

Andreas GohrI wrote down a bit more about my password manager requirements and why I find keepass not adequate. <a href="https://www.splitbrain.org/blog/2025-08/17-password_manager_woes" rel="nofollow noopener" target="_blank">https://www.splitbrain.org/blog/2025-08/17-password_manager_woes</a> <a href="https://fedi.splitbrain.org/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> <a href="https://fedi.splitbrain.org/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a> <a href="https://fedi.splitbrain.org/tags/keepass" class="mention hashtag" rel="nofollow noopener" target="_blank">#keepass</a> <a href="https://fedi.splitbrain.org/tags/bitwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#bitwarden</a> <a href="https://fedi.splitbrain.org/tags/blogpost" class="mention hashtag" rel="nofollow noopener" target="_blank">#blogpost</a>

Andreas Gohris there a selfhosted password manager service that works offline? eg. I can save or edit passwords in the client (app/browser extension) and it will be synced once the password manager service is reachable again? I had assumed bitwarden/vaultwarden would work like that, but it doesn't. I don't want the system to be hosted online, only in my local Lan. update, because this is still being boosted: please read my post on this at <a href="https://www.splitbrain.org/blog/2025-08/17-password_manager_woes" rel="nofollow noopener" target="_blank">https://www.splitbrain.org/blog/2025-08/17-password_manager_woes</a> <a href="https://fedi.splitbrain.org/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a> <a href="https://fedi.splitbrain.org/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a> <a href="https://fedi.splitbrain.org/tags/bitwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#bitwarden</a> <a href="https://fedi.splitbrain.org/tags/vaultwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#vaultwarden</a>

HackerNoon1Password isn’t for everyone. It costs money and stores your data, in encrypted form, on its servers, which isn’t something everyone is comfortable with. <a href="https://hackernoon.com/protect-yourself-from-data-breaches-why-you-should-use-a-password-manager" rel="nofollow noopener" translate="no" target="_blank">https://hackernoon.com/protect-yourself-from-data-breaches-why-you-should-use-a-password-manager</a> <a href="https://mas.to/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwordmanager</a>

The New OilWhy security experts recommend standalone password managers over browser-based options<a href="https://bitwarden.com/blog/beyond-your-browser/" rel="nofollow noopener" translate="no" target="_blank">https://bitwarden.com/blog/beyond-your-browser/</a><a href="https://mastodon.thenewoil.org/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> <a href="https://mastodon.thenewoil.org/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

Abimelech B. 🐧🇩🇪| wörk ™️<a href="https://nerdculture.de/@phranck" class="u-url mention" rel="nofollow noopener" target="_blank">@phranck</a> In german <a href="https://fulda.social/tags/ios" class="mention hashtag" rel="nofollow noopener" target="_blank">#ios</a> it is this setting to add an entry for up to three <a href="https://fulda.social/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a>

passboltFor admins who speak YAML like a native: Passbolt’s Ansible playbook documentation is available.This installation method is recommended for experienced users proficient with Ansible and requires a clean Debian 12 or Red Hat 9 server.Full step-by-step guide here → <a href="https://www.passbolt.com/docs/hosting/install/pro/ansible/" rel="nofollow noopener" translate="no" target="_blank">https://www.passbolt.com/docs/hosting/install/pro/ansible/</a>GitHub repo → <a href="https://github.com/passbolt/passbolt-ansible-playbooks" rel="nofollow noopener" translate="no" target="_blank">https://github.com/passbolt/passbolt-ansible-playbooks</a><a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.social/tags/Ansible" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ansible</a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#DevOps</a>

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/Dropbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Dropbox</a> stellt seinen <a href="https://social.tchncs.de/tags/Passwortmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwortmanager</a> ein | iX Magazin <a href="https://www.heise.de/news/Dropbox-stellt-seinen-Passwortmanager-ein-10505949.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Dropbox-stellt-seinen-Passwortmanager-ein-10505949.html</a> <a href="https://social.tchncs.de/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://social.tchncs.de/tags/EndOfLife" class="mention hashtag" rel="nofollow noopener" target="_blank">#EndOfLife</a> <a href="https://social.tchncs.de/tags/EoL" class="mention hashtag" rel="nofollow noopener" target="_blank">#EoL</a> <a href="https://social.tchncs.de/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#passwords</a> <a href="https://social.tchncs.de/tags/DropboxPasswords" class="mention hashtag" rel="nofollow noopener" target="_blank">#DropboxPasswords</a>

Thor A. HoplandLike why does every <a href="https://snabelen.no/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> also provide you an <a href="https://snabelen.no/tags/authenticator" class="mention hashtag" rel="nofollow noopener" target="_blank">#authenticator</a>? Call me paranoid, but those two shouldn't mix.It might be easier to let <a href="https://snabelen.no/tags/Bitwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bitwarden</a> handle both your <a href="https://snabelen.no/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#password</a>, <a href="https://snabelen.no/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#passkey</a> AND <a href="https://snabelen.no/tags/otp" class="mention hashtag" rel="nofollow noopener" target="_blank">#otp</a> code, but it feels like playing with fire - even though the apps might not share any code.So I use an authenticator from a different vendor - just in case.Am I just being paranoid?

Mela News :verified:Dropbox Passwords chiude. 🔐 Gli utenti hanno meno di un mese per migrare. Il servizio diventerà di sola lettura a breve, l'app mobile smetterà di funzionare a settembre e l'accesso sarà impossibile da ottobre. L'azienda si concentra su altre funzionalità. <a href="https://mastodon.uno/tags/Dropbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Dropbox</a> <a href="https://mastodon.uno/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.uno/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a>

Matthias Klein 🇪🇺|🇩🇪Schade! 😞 Dropbox stellt zum 28. Oktober 2025 seinen Password-Manager ein.Das trifft mich besonders, da ich Dropbox Passwords gerne für kleinere Vereine als Teil einer einfachen Intranet-Lösung zusammen mit der normalen Dropbox verwendet habe. War eine praktische Kombination für Organisationen ohne großes IT-Budget oder -Know-how.Jetzt heißt es umstellen - die Daten lassen sich zum Glück exportieren und zu anderen Password-Managern migrieren. Dropbox empfiehlt 1Password als Alternative. 🔐Für die Vereine bedeutet das wieder eine Umstellung und wahrscheinlich zusätzliche Kosten. Schade um einen Service, der einfach funktioniert hat.ℹ️ Mehr Infos: <a href="https://help.dropbox.com/de-de/installs/dropbox-passwords-discontinuation" rel="nofollow noopener" target="_blank">https://help.dropbox.com/de-de/installs/dropbox-passwords-discontinuation</a><a href="https://me.klein.ruhr/tags/dropbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Dropbox</a> <a href="https://me.klein.ruhr/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://me.klein.ruhr/tags/vereine" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vereine</a> <a href="https://me.klein.ruhr/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfHosting</a> <a href="https://me.klein.ruhr/tags/digitalesouver%C3%A4nit%C3%A4t" class="mention hashtag" rel="nofollow noopener" target="_blank">#DigitaleSouveränität</a> <a href="https://me.klein.ruhr/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a>

passboltPassbolt 5.3.2 is now available, introducing a clipboard flush timer, automatically clearing copied secrets after 30 seconds to reduce accidental exposure risks.If you have any feedback or suggestions, feel free to drop them in the passbolt community forum or leave a comment below. Full details here: <a href="https://hubs.li/Q03x_ScW0" rel="nofollow noopener" translate="no" target="_blank">https://hubs.li/Q03x_ScW0</a><a href="https://mastodon.social/tags/PassboltV5" class="mention hashtag" rel="nofollow noopener" target="_blank">#PassboltV5</a> <a href="https://mastodon.social/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://mastodon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a>

The New OilTry <a href="https://mastodon.thenewoil.org/tags/Proton" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proton</a> for Business free of charge for 14 days<a href="https://proton.me/blog/proton-for-business-free-trial" rel="nofollow noopener" translate="no" target="_blank">https://proton.me/blog/proton-for-business-free-trial</a><a href="https://mastodon.thenewoil.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/email" class="mention hashtag" rel="nofollow noopener" target="_blank">#email</a> <a href="https://mastodon.thenewoil.org/tags/CloudStorage" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudStorage</a> <a href="https://mastodon.thenewoil.org/tags/VPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#VPN</a> <a href="https://mastodon.thenewoil.org/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.thenewoil.org/tags/Calendar" class="mention hashtag" rel="nofollow noopener" target="_blank">#Calendar</a>

passboltCybersecurity expert Alexandre Blanc shares how he stays connected to his password manager, even while travelling. His passbolt instance runs on a high-availability cluster, so there’s no need to phone home to restart a failed server. Read his full insights: <a href="https://www.linkedin.com/posts/alexandre-blanc-cyber-security-88569022_how-to-set-up-a-highly-available-passbolt-activity-7350589832001191936-ePMU/" rel="nofollow noopener" translate="no" target="_blank">https://www.linkedin.com/posts/alexandre-blanc-cyber-security-88569022_how-to-set-up-a-highly-available-passbolt-activity-7350589832001191936-ePMU/</a><a href="https://mastodon.social/tags/HighAvailability" class="mention hashtag" rel="nofollow noopener" target="_blank">#HighAvailability</a> <a href="https://mastodon.social/tags/PasswordManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#PasswordManager</a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#passwordmanager