Comment by WalterBright
16 hours ago
A password manager is a single point of failure and should be avoided. I've heard other sad stories about someone who's pw manager was compromised and they lost everything.
16 hours ago
A password manager is a single point of failure and should be avoided. I've heard other sad stories about someone who's pw manager was compromised and they lost everything.
While you’re not wrong in principle. It’s still the least worst in the vast majority of cases.
I think the bigger problem is using your pw manager for 2FA too.
out of curiosity - what scheme do you suggest? I've always been of the mind that 'one thing to remember and secure, but secure it well' was the best option - 2factor and a 15+character passphrase meaning that nearly everything else gets it's own discretized blast radius.
Always open to better security, though.
Have a different password for every account, and don't store them on your computer.
True for KeyPass or 1Password, but not for GNU pass.