Hacker News: sprawl_'s comments

w3c.social is a friendly and respectful instance for people involved in the activities of the World Wide Web Consortium (W3C). The instance is run on a volunteer basis by a few of the W3C team


> 0.5 BTC

That's one expensive alert.


The passwords in my manager could potentially cause more financial harm than 0.5 BTC going missing. Everyone has their own price for security. I've also not moved those BTC since 2014, so the price has appreciated considerably.


High-value passwords don't mean you need a 0.5 BTC alerting method, though?

You just went from "significant financial harm" to "significant financial harm, and 0.5 BTC".


The idea is anyone who compromised my password manager would likely go for the wallet first since it's as good as cold hard cash. Using the private keys and other secrets stored in my manager would take much more time for an attacker to extract meaningful value.

I would expect the BTC to be moved first and foremost, which would hopefully give me enough time to mitigate any other damage that could be caused by the content of my password manager being exposed.
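The comment above describes the canary but not the alerting side: something has to notice that the decoy coins moved. The following is an added example, not code from the commenter or from this thread, of a monitor that diffs the unspent outputs of a canary address against a stored baseline and raises an alert on any spend. It assumes an Esplora-style explorer API (mempool.space and blockstream.info expose `GET /api/address/<addr>/utxo`); the address, baseline and sample responses are constructed for illustration, and the amount is irrelevant to the detector, so the same check works for a much cheaper canary.

```python
"""Canary-wallet monitor: alert on any spend from a decoy Bitcoin address.

Added example, not code from the thread. Assumes an Esplora-style
explorer API (mempool.space / blockstream.info expose
GET /api/address/<addr>/utxo); the address, baseline and sample
responses below are constructed for illustration.
"""
from __future__ import annotations

import json
import urllib.request

# Hypothetical canary address; replace with the one stored in the vault.
CANARY_ADDRESS = "bc1qexamplecanaryaddressxxxxxxxxxxxxxxxxxxxx"
EXPLORER = "https://mempool.space"  # assumption: Esplora-compatible API


def fetch_utxos(address: str, base_url: str = EXPLORER) -> list[dict]:
    """Fetch the current unspent outputs for an address (network call)."""
    url = f"{base_url}/api/address/{address}/utxo"
    with urllib.request.urlopen(url, timeout=10) as resp:
        return json.load(resp)


def utxo_set(utxos: list[dict]) -> dict[tuple[str, int], int]:
    """Key each output by (txid, vout) so spends can be diffed exactly."""
    return {(u["txid"], u["vout"]): u["value"] for u in utxos}


def check_canary(baseline: list[dict], current: list[dict]) -> dict:
    """Compare the stored baseline against a fresh UTXO list.

    Any baseline output that has disappeared was spent.  For a canary
    that nobody should ever touch, that is the indicator of compromise.
    Diffing by outpoint rather than by balance matters: a spend that
    sends change back to the same address barely moves the balance but
    still consumes the original output.  New outputs (someone sending
    coins in) are reported but are not an alarm on their own.
    """
    before, after = utxo_set(baseline), utxo_set(current)
    spent = [k for k in before if k not in after]
    received = [k for k in after if k not in before]
    return {
        "compromised": bool(spent),
        "spent_sats": sum(before[k] for k in spent),
        "spent_outputs": spent,
        "received_outputs": received,
        "balance_sats": sum(after.values()),
    }


# Constructed sample data: the baseline recorded when the canary was funded
# (one 0.5 BTC output), a later poll where nothing changed, and a poll in
# which that output has been swept.
BASELINE = [{"txid": "a" * 64, "vout": 0, "value": 50_000_000,
             "status": {"confirmed": True}}]
UNTOUCHED = [dict(BASELINE[0])]
SWEPT: list[dict] = []  # attacker spent the output; explorer lists no UTXOs


if __name__ == "__main__":
    # Offline demonstration.  For a real monitor, run
    # check_canary(BASELINE, fetch_utxos(CANARY_ADDRESS)) on a schedule
    # and page yourself when "compromised" flips to True.
    for label, snapshot in (("untouched", UNTOUCHED), ("swept", SWEPT)):
        result = check_canary(BASELINE, snapshot)
        state = "ALERT: canary spent" if result["compromised"] else "ok"
        print(f"{label}: {state} (spent {result['spent_sats']} sats)")
```

The baseline should be recorded once, out of band, when the canary is funded; the monitor then only needs read access to a public explorer, so it can run somewhere the vault credentials never touch.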


I think they would be more likely to copy all of the data first, in an effort to avoid detection methods like this, then make their move compromising everything in near parallel. At least that is how I would do it.


Would the average attacker, though?

It's a question about not touching an easy $15k, in exchange for a chance at a bigger score.

I'd assume most attackers wouldn't be able to resist securing the low hanging fruit first.

And even if there's a parallel move, it's even less likely they would leverage everything but the $15k, so OP would still receive a realtime indicator of compromise.

From a game theory perspective, it's a pretty compelling trap for OP to get what they want.


What is “the average attacker”? If someone is compromising your entire password manager then that’s far from average and sophisticated.

If OP is part of a bigger breach, those data dumps will almost certainly get analyzed automatically and multiple wallets swept at once. Passwords to interesting stuff likely aggregated and then tried. It’s not some script kiddie that browses through the vault 1 by 1.


But OP's point is which will happen first in a breach?

(a) Trivially accessible Bitcoin is stolen or (b) passwords are used to ferret items/info of value out of additional individual sites

For OP's plan to fail, someone has to leave $15k laying on the table, in plain sight and for the taking, while they plan their subsequent moves. Which is why the amount matters.


Speaking of game theory, there is probably a much lower number that achieves the same goal, though.

Your average attacker might be equally motivated to go for $20k, or $10k, or $5k. $1k, maybe not. $100, probably not. $1, almost certainly not.

There's an interesting game to play in minimizing the cost at no hit to efficiency.


I don't play the minimization game. In 2014 when I started this strategy 0.5 BTC was like 100 bucks. Now that it's 15,000 bucks, it doesn't make a damn bit of difference. If they spent the time to figure out what the rest of the credentials were worth and exploited them to the maximum extent, they'd walk away a multi-millionaire. However.... 15k in a plaintext wallet is an easy score and I argue that the vast majority of people who could compromise my password manager would take that in a heartbeat.


I personally agree with your thinking.

An intruder will rifle through the top drawers and go for the obvious stuff and let's face it half a BTC is a bit of a shiner. You seem to be able to afford to lose it, given that its loss will trigger the shutters coming down and hopefully allow you to secure the rest of your stuff.

I get that and hopefully that is close to the last resort in your defence in depth approach to security.


You could get the exact same alerting benefit with 1/10 the Bitcoin, or less.

There is no tax penalty for moving bitcoin. You should definitely move most of this elsewhere.


The point is that there are far cheaper canaries to keep in your coalmine.


More succinctly, this is plain dumb. And especially to tell people about it in public.


No it really isn't dumb at all. It's the basis of a "honeypot".

Museums and galleries etc put their wares on show in public - can you be sure that what is shown is what you think it is or secured as you think it is?

Please don't describe anyone as dumb - it's as much demeaning to you as it is anyone else.


I don't think it needs to be 15k in value to entice someone to steal it. You could also get compromised by someone who doesn't know anything about btc or misses that note and you would not know.


It sounds like you should be using 2FA with a hardware security token rather than setting up a honey pot that may or may not be triggered.


> Original post by 1Password: https://blog.1password.com/okta-incident/


Mac App Store app updates, yes. macOS system updates, no.


Xcode / compiler - yes.


I received one of these letters and nearly tossed it out before noticing the buried lede in the middle of the fourth paragraph indicating that my information had been compromised.


Came here to say this! Only after reading about the leak here did I find the admission in the letter they sent, hidden under all this marketing copy about "keeping you safe is our priority".


and I missed that paragraph entirely ... I've also received what apparently matches the description of the "smishing" in the original article: attempts sent to me, too. They were, to me, so obviously scams (the hostnames were suspect) that it seemed unimportant to notice the _real_ tracking codes used.

Now I'm more interested to know how this data leaked ...


Are you open to remote applicants from Canada, or are these positions US/UK only?


Regarding Canada, there has been some (slow, small) progress in this area. https://www.canada.ca/en/financial-consumer-agency/services/...


Thanks! I'm sprawl2


I've heard only great things about Maui Jim. Pricey, but high quality and not Luxottica.


And not with MD5 either, I'm sure.


Of course not...

