Having separate wallets is an interesting idea, maybe one for logins and one for life information (bank, cards, things to know or remember), but again that adds complexity, for good and bad. It's this kind of stuff, navigating the compromise of security, convenience, and accessibility that is so hard, and frankly I'd consider myself new and green to the ideas and best practices of security. Maybe a good idea would be to not generate passwords for accounts that have 2FA and just have memorable passwords for them and not store them, but that means my wife, should she need access, couldn't get access if I'm not around or I'm ded. I do have 2FA with another app so they aren't in the same keystore at least (even if I can access both on the same device). My master password is one that says would take a computer 1 SESVIGINTILLION YEARS to brute force. But that's where I wonder what to do because my wife doesn't know all my PINs, and if I get hit by a bus, that's that. You bring up some great points, about remembering the PIN and stuff like that. That's the main reason I've switched to Enpass, to co-locate. And when she would know some temporarily, she'd forget over time. I'm basically in charge of most of my family's important matters, so my wife doesn't know many of the details. That's a fantastic answer, and frankly, I wish you would go on for longer, giving your best practices and tips and tricks. IMHO, there's simply a balance between security and usability, between wisdom and stupidity. engineer to set security aside, (I'm not implying anything specific to Enpass here) I'm just saying that often, security mechanisms aren't broken by brute force, they're simply bypassed. Do I NEED to store the PIN for my credit card in a password manager? I remembered it just fine prior to using any password manager, so why should I store it outside my head? A simple comparison instruction could potentially be swapped by a skilled rev. implementation is of essence, but it's not "period".
Many people today stare themselves blind on the level of encryption, "Oh it's AES-256, that's military-grade so it's safe, period, the competitor is just using 128 bits!". What are the consequences if my wallet gets compromised? Can I recover or will my life be over? (e.g. I never store the credentials for my primary email anywhere, since that in the wrong hands with "forgot my password" would result in access to any account, theoretically.) Storing a second authentication factor ALONG with the first one in the same place generally beats the purpose, at least partially. Use wisely. A keyboard logger can easily be snuck into the back of a workstation. Heck, KeySweeper doesn't even require a physical connection to your computer to intercept keystrokes from a wireless Microsoft keyboard. Is the Master Password a sufficient challenge to access all my stuff, or do I require another factor (2FA)? A peek over your shoulder is enough for someone to gain access to all stuff, if gaining access to the wallet. Having that said, there's LOTS of factors that come into play. I can choose to place some less-sensitive secrets in one wallet which I sync, and other critical stuff in an offline location like a removable drive or a disc which isn't even mounted other than when I actually need it. I'm not forced to bundle 100% of my credentials in ONE wallet file. I can place these secrets wherever I want, at any disk, any site, cloud, removable media etc. I'm not bound to store them where "thieves" start looking. So you won't need to panic about public password dumps like those on and immediately visit The issue isn't entirely solved, but at least you've compensated for those forums that didn't run security updates since 2014 and are affected by Heartbleed, POODLE and whatnot.
Too often, they're not properly protected at the site storing them. As a quantifier, we often re-use them, so gaining access to an email + password at a website many times gives access to 10 other sites. A password manager sorta moves the issue from having one password stored at 100 locations into having it stored at 1 (with a master password). The main problem today is that passwords as a single authentication challenge is too vague. Colocation of sensitive information into one place with added security is generally what you do with most of your secrets or valuables such as passwords, credit cards (in the wallet) or money (the bank :-))