Comment on Password managers are less secure than promised
shortwavesurfer@lemmy.zip 2 weeks agoI store my keypass database on several flash drives in different physical locations and update them several times per year to make sure that even if I do lose the copy I have, the versions on the flash drives, not at my physical location, are decently up to date, and so if I do lose any of the password data, it will be only for a couple of months worth if that.
If I add things that are extremely important, such as a new mortgage provider, or some sort of financial data into my keypass database, then I do an unscheduled immediate update to all of my flash drives in different physical locations to make sure that they all have that, but if it’s just a social media account, and I was to lose access to it, and not have the password for it, then… I wouldn’t be too upset about it.
In the absolute worst possible case, I stand to lose 3 months worth of data. It’s not often that I have to tweak stuff in my password manager, so that would be very few changes.
Appoxo@lemmy.dbzer0.com 1 week ago
Great.
I am now your spouse and you want to give me access to the flash drive. What now?
New requirement: I have several passwords I want to give you access to as well. What now?
As with everything: Your solution may work for yourself and a few others. The majority don’t want to collect 5 flash drives in different locations every 3 months to update a file (and making sure it’s the correct vault they have copied)
shortwavesurfer@lemmy.zip 1 week ago
PThe master copy stays on my device. If I need to give somebody access to a specific password, I just give them that password locally and they put it in their password manager for that account.
Same thing occurs if they need to give me a password. They give me the password. I put it in my password manager and then I’m the one who updates the flash drives on the rotating basis like I mentioned above.
Appoxo@lemmy.dbzer0.com 1 week ago
Great.
Now your data is (potentially) exactly where you are trying to keep it out of.
So you made it more cumbersome to yourself by keeping your data as local as possible, yet still chosing to give up the tiny sliver of additional security for the comfort of others.
I don’t want to be annoying. But I hope you see what I am trying to convey.
shortwavesurfer@lemmy.zip 1 week ago
I’m sorry, but I really don’t see what you’re trying to convey. The people I give my passwords to also don’t use cloud password managers.