Permanently Deleted

  • SaniFlush [any, any]
    ·
    3 years ago

    I never understood how password managers make things safer. Doesn't the manager then become a major security vulnerability if it ever gets compromised?

    • Ideology [she/her]
      ·
      edit-2
      3 years ago

      Well yes, which is why using a local one is better than using a SASS one. Keepass's encrypted databases are not only behind the security of your home network, but can even be locked such that you need a physical security key to unlock them (not that most people really need that).

      That said, the primary security improvement that comes from them is password generators. You don't have to know what any of your passwords are, you can make them 64 characters long at no cost to yourself (essentially making short passwords worthless by comparison), and these passwords can be made up entirely of random characters, basically rendering all of the most common cracking/brute force methods useless. Having a memorizable password is an inherent risk that most people allow themselves to get into the habit of doing because they don't see themselves as targets.

      • SaniFlush [any, any]
        ·
        3 years ago

        And I can host the same password generator on multiple devices?

        • Ideology [she/her]
          ·
          edit-2
          3 years ago

          Yes, there's Keepass programs for all OSs and all of them can open the same database files with passwords due to being written based on the same standards. All you have to do is copy the database file after making changes.