WingNews logo WingNews GitHub [2]
top | item 16880873

RememBear Official Launch

20 points| cyberon | 8 years ago |remembear.com | reply

21 comments

order
[+] g2294994|8 years ago|reply
Just for the heck of it I created a test account with their password manager with a few honeypot accounts on a VPS server.

Within 2 hours one of the "honeypot" SSH accounts I put in my password manager was accessed with the creds I provided in the password manager. Now I understand there is internet wide scanning but a succesfull login with a random 12 character username and password I had in my password safe is very unlikely to be a random bot account.

Tomorrow I might have a bit more time to throw a few more honeypot accounts in there and see if they attempt to login.

For the time being I would highly discourage anyone store their passwords there.

(using a random throwaway account for obvious reasons, I don't want any retaliation against my startup on my main account from these guys.)

[+] PirateBay|8 years ago|reply
Really sickening that this sort of stuff is going to inevitably be aggressivly marketed to unsuspecting people. Tunnelbear(same company) is shilled extremely hard by youtube tech content creators who should know better, to people who trust them.
[+] heyoni|8 years ago|reply
Someone needs to replicate this because it wouldn't make any sense for them to make use of them on day one rather than wait and accumulate.

Since you're anonymous anyways, why not just tell us what you know? Are they breached or is the platform itself some sort of trap?

[+] gravelc|8 years ago|reply
That's quite astonishing. Have you done the same sort of check with other password managers like LastPass? Really hope this isn't widespread.
[+] nathanaldensr|8 years ago|reply
Can anyone else verify these observations? Talk about honeypots... sheesh.
[+] yeasayer|8 years ago|reply
This is suspicious. They have the VPN traffic, now they want passwords. Encrypted of course, but still. The trust just isn't there. The company is too young. I don't trust them just because they have great design and UX.
[+] caiob|8 years ago|reply
McAfee RememBear (!) How's this any better than 1Password? I'd like to hear a compelling reason to switch besides "our app has a bear in it"
[+] nikolay|8 years ago|reply
Unfortunately, 1Password does not support 2FA for personal accounts. :(
[+] philip1209|8 years ago|reply
Looks like a clone of 1Password, from the interface to pricing.
[+] heyoni|8 years ago|reply
My thoughts exactly. I was looking around thinking maybe they had some third-party audit they could lord over 1password but they don't =\
[+] ebbv|8 years ago|reply
Yeah no way I’m gonna trust my passwords to the kings of unwanted bundle ware.
[+] pm|8 years ago|reply
Anyone have any links or experiences as to why TunnelBear/RememBear is dodgy? I can't find anything online that's definitive.
[+] favadi|8 years ago|reply
How does it compare to 1Password? The price for individual is the same.