1Password detects "suspicious activity" in its internal Okta account

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Password Pass pass-extension password-manager importer

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • pass-import

    A pass extension for importing data from most existing password managers

  • prevent-exfiltration

    • 5. Server validates signature and timestamp

    The security issue is in step 1. WebCrypto can generate non-extractable private keys and store them in indexeddb. However, this assumes no malicious code flips the “extractable” flag before the pair is generated. So this strategy is trust-on-first-use.

    [0] - https://chromestatus.com/feature/5097603234529280

    [1] - https://github.com/kevlened/prevent-exfiltration/blob/main/i...

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts