Comment by bdavbdav

14 days ago

I thought this was what happened. Clearly not :( That’s the idea with services like 1Password (which I suppose is ultimately doing the same thing) - you need both the key held on the device and the password.

I suppose this all falls apart when the PC unlock password is your MS account password, the MS account can reset the local password. In Mac OS / Linux, you reset the login password, you loose the keychain.

3 comments

bdavbdav

narmiouh 14 days ago

In case of 1password, I would think it would be challenging to do what you are saying, at least for shared password vaults.

digiown 13 days ago

On Linux the typical LUKS setup is entirely separate from the login password. You don't lose anything if you forget the login password. You can just reset it with a live USB or similar.

If you mean the secure boot auto-unlock type of setup and you don't have a key backup, then you cannot reset your login password at all. You have to wipe the drive.

bdavbdav 13 days ago

Keychain, not FDE.