RE: A scammer has stolen our PEPT account

You are viewing a single comment's thread from:

RE: A scammer has stolen our PEPT account

fjworld in PEPT • 8 days ago

For the record, I didn't store keys inside a Google doc.

I found a backup txt file and the keychain kc file on my Google drive.

Out of curiosity, when credentials are exchanged between keychain app, or any apps, and a user, is there some server session cookies at play? If so, could a server session cookie be highjacked?

8 days ago in PEPT by fjworld

0.00 ALIVE

Sort:

Trending

[-]

coininstant 8 days ago (edited)

Nope, there are no server session cookies involved when credentials are exchanged between a user and a keychain application. These apps are designed to be secure, client-side storage vaults. Keychain is an encrypted database stored locally on your device. When you save a password, the app encrypts it using keys derived from your device's hardware and your passcode. This makes the data incredibly difficult to access without physical access to the device and the correct password or biometric authentication (like Face ID). When an app needs to access a credential, it requests it from the keychain. The operating system handles the entire process locally without sending the data to a server.

0.00 ALIVE

4 votes

[-]

fjworld 8 days ago

Thank you very much for that explanation.

Much appreciated.

!PIMP
!LOLZ
!SLOTHBUZZ

0.00 ALIVE

[-]

lolzbot 8 days ago

lolztoken.com

My Mom met my Dad when he came in for an Xray.
I still wonder what she saw in him.
_{Credit: reddit}
@coininstant, I sent you an $LOLZ on behalf of fjworld

(2/10)
Farm LOLZ tokens when you Delegate Hive or Hive Tokens.
Click to delegate: 10 - 20 - 50 - 100 HP

0.00 ALIVE