mmurthy
@mmurthy
After the LastPass screw-up, I don't think I can trust any password managers. Even if it is open source, audited by hundreds of experts, there is no guarantee. 2FA on everything, sure. But all those secure notes, for example, leak. What is a good solution?
Mantej Rajpal 🇺🇸
@mantej.eth
I use the iCloud Keychain (i.e., Apple’s password manager) for password management. Compromising my iCloud account (unique password + MFA access to one of my signed-in devices) is a bar I’m comfortable with. Regaining trust is hard, but password managers are still better than the alternatives, for most use cases.
Winston Laoh
@winstonlaoh
You could self-host Bitwarden, but you'll have to do a lot of configuration and you'd inherit all the security risk. You could use KeePass, which is completely offline by design, but there's a big convenience hit, especially across devices.
samridhsec
@samridh
Came here to recommend self-hosted Bitwarden. Of course @winstonlaoh covered it already. All the conveniences of a password manager, without the central-point-of-failure risk. As inconvenient as hardware keys are, they’re worth it for risks you can’t chance ($$). Don’t have a good answer to prevent SIM swaps, sadly.