Have I Been Pwned owner, pwned - Hypertext
htxt.co.za
A phishing attack managed to fool Troy Hunt into handing over MailChimp credentials.
  • A jetlagged Troy Hunt accidentally clicked a link and logged into an account only to realise he had been phished.
  • Despite reacting quickly, attackers were able to export a mailing list for Hunt’s personal blog.
  • Hunt has detailed the attack and warned his subscribers in a timely fashion.
  • sugar_in_your_teaEnglish
    24·
    5 days ago

    Then add multiple URLs for that entry. You can even have it match on the base domain, so it works on any subdomain, or restrict it to a subdomain.

    I assume that works on 1Password, it works on Bitwarden at least.

    That said, I could see myself making this mistake. I’ve had to manually find entries before for one reason or another (e.g. usually use the app, but access the website this one time).

    • ricecakeEnglish
      29·
      5 days ago

      It does work there. The unfortunate thing is that so many sites change their login structure often enough that it no unusual to discover that a site just changed again and you need to update the list.

    • otpEnglish
      7·
      5 days ago

      Yeah,.there are plenty of instances where I’m adding a new URL for a password because the app and the website are too different from each other, or the app changes its login paths…

      Or heck, sometimes it’s close enough, and with my password manager on my phone, I don’t have it auto fill – I have it auto-suggest. So “Probably a match” and “Exact match” have the same path to entry.