Comment by jamedjo

2 years ago

Unlocking the password manager means I need to type a master password in while in a public place. Feels higher risk when it is an unimportant website but potentially gives access to all websites. Still better than the passwords being accessible on disk but having individual passwords would reduce the impact of any password leak.

I have this InputStick USB [1] doohickey that I keep with my keys. It shows up as a generic USB keyboard when plugged in but is also an encrypted Bluetooth dongle (part of pairing allows you to configure a shared encryption key so that only devices that know the key can use the stick, and only sticks with the key are recognized by the client apps). There's a plugin to Keepass2Android that I use to type passwords from my phone. I use that to unlock my password manager (using a giant untypable passphrase). So entering monstrous passphrases is very easy... but only if you can unlock my phone and use biometrics to open Keepass2Android.

It really is dumb that phones can just generically play USB HID (without running custom kernels)

[1] http://inputstick.com/

[2] http://inputstick.com/kp2a-plugin/

1Password uses biometrics on my 7-year-old MacBook Pro, so even if I'm out and about I still don't need to type it.

  • 1p works great on my Mac but still asks for a password from time to time; I'm not sure of the exact mechanic.

    OTOH even Chrome's password manager now integrates with the Mac fingerprint auth.

    • It's every two weeks. If your threat model involves being spied on over the shoulder for your master password while in a cafe you "just" need to ensure you enter your password in a safe location every two weeks.