![]() ![]() ![]() Anyone can inspect the code to see what it does, including the plugin:ĭid you or anyone you trust review all the code?ĭo you review it again after each update?ĭo you build your binaries from the code you just reviewed or you use the pre-built ones? Why do you think nothing changed in-between? This still leaves a hole around its the browser extension, which is admittedly very, very convenient. With Windows Firewall on Windows and with a custom Apparmor profile on Linux. Mmse wrote: ↑ Tue 5:55 pmHow did you arrive at trusting KeePassXC? My imperfect solution was to restrict its access to Internet. Paper backup in the safety deposit box and an encrypted USB drive hidden in a safe place in the house. All the anti-phishing protection with the peace of mind that the password manager won't reveal usernames and passwords without me telling it to. Similar to copy/paste except that Bitwarden will refuse to do it if I'm on a site it doesn't know about. It's an extra step over having the browser automatically fill them in when it sees username and password fields. The username and password fields remain blank when I visit a site and I have to tell Bitwarden to "autofill" the credentials. I have Bitwarden configured to not *automatically* autofill my credentials. ![]() The term "autofill" is a bit of a misnomer. What if you go to and copy/paste your password? Congratulations, you've been phished! A password manager would not fill in the password because it does not recognize (it's misspelled). If you are not letting your password manager fill in your credentials, you are missing out on this very important anti-phishing feature. Password autofill protects you from falling victim to sophisticated phishing attacks. There have been hacks of systems like that. I would not want a manager that would autofill. I always need to cut and paste to enter username and password. I do not integrate my password manager with the browser. Thanks, I've never heard of it but just looked it up. Use Veracrypt to make an encrypted password protected file. My question is, do you recommend making a CVS backup file and saving it somewhere safe like in an obscure folder in my PC, or maybe better in an encrypted folder? It's so fast and easy to use, and is better than my old Word doc I kept hidden in my PC, with a long list of less-secure passwords than the auto-generated ones I now use. It's the only one I've ever used and I put it off for years because I was concerned about having all my passwords "out there" in one place that could be compromised. I've been using Bitwarden a couple of years and very happy with it. It only takes a few minutes to move all your passwords from one password manager to another, so you can try several to see which you like best. Pretty much all of them support exporting/importing from/to a CSV file. ![]() Most are free, some are subscription based or require a subscription for some features. Consider things like sharing passwords with family members, availability across all the devices and browsers you use, local vs cloud storage, desire for 2FA on the password manager itself, etc. You should choose one based on features you need or want. I currently use Bitwarden but have also used Lastpass, Keepass, and a couple of other early ones that I don't recall.Īny of the password managers people recommend here should be acceptable from a security standpoint. I have been using password managers for about 15 years. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |