I believe Proton Pass does not have the design flaws shown in the article. For instance, if you lose your password, you lose your data. Your data is encrypted and decrypted on your device.
Comment on Password managers are less secure than promised
eatsnutellawivaspoon@feddit.uk 1 week ago
I use one of the password managers mentioned in the article, purely for the convenience of apps on all my devices, syncing and complex individual passwords. Should I be looking to move to self hosting something instead? Would my host (likely a synology Nas or raspberry pi) not then have the same risks?
iglou@programming.dev 1 week ago
cmhe@lemmy.world 1 week ago
This is what all the listed password manager claim.
cmhe@lemmy.world 1 week ago
Security through layers. The flaws are about compromised server, so hosting your own server is a good first step. Next step is making the server only accessible via your own VPN. And of course hardening the server.
cevn@lemmy.world 1 week ago
I self host via vault warden. And I have it locked behind tailscale vpn. Aside from your server itself getting hacked, which is a risk, this is more secure than having passwords on the public internet.
eatsnutellawivaspoon@feddit.uk 1 week ago
I host a pi hole via diet pi already, vault warden is packaged for diet pi already, project for the weekend!
cevn@lemmy.world 1 week ago
Love the raspis, just make sure the passwords are not stored on the sd card because those fail all the time hah.
eatsnutellawivaspoon@feddit.uk 1 week ago
Good shout! Easy to mount a folder from my Nas on it though