I believe Proton Pass does not have the design flaws shown in the article. For instance, if you lose your password, you lose your data. Your data is encrypted and decrypted on your device.
Comment on Password managers are less secure than promised
eatsnutellawivaspoon@feddit.uk 2 months ago
I use one of the password managers mentioned in the article, purely for the convenience of apps on all my devices, syncing and complex individual passwords. Should I be looking to move to self hosting something instead? Would my host (likely a synology Nas or raspberry pi) not then have the same risks?
iglou@programming.dev 2 months ago
cmhe@lemmy.world 2 months ago
This is what all the listed password manager claim.
cmhe@lemmy.world 2 months ago
Security through layers. The flaws are about compromised server, so hosting your own server is a good first step. Next step is making the server only accessible via your own VPN. And of course hardening the server.
cevn@lemmy.world 2 months ago
I self host via vault warden. And I have it locked behind tailscale vpn. Aside from your server itself getting hacked, which is a risk, this is more secure than having passwords on the public internet.
eatsnutellawivaspoon@feddit.uk 2 months ago
I host a pi hole via diet pi already, vault warden is packaged for diet pi already, project for the weekend!
cevn@lemmy.world 2 months ago
Love the raspis, just make sure the passwords are not stored on the sd card because those fail all the time hah.
eatsnutellawivaspoon@feddit.uk 2 months ago
Good shout! Easy to mount a folder from my Nas on it though