Comment on Larion Studios forum stores your passwords in unhashed plaintext.
finestnothing@lemmy.world 1 year agoHonestly, why risk duplicate passwords even then? I have one strong password that I use for accessing my password manager, and let the password manager generate unique random passwords. Even if I had an easier password that I duplicated with some small changes, I’d still use a password manager to autofill it anyway. I use bitwarden personally, you can also self host it with vaultwarden but it seemed like more trouble than it was worth imo
Decoy321@lemmy.world 1 year ago
This is a friendly reminder that password managers are not risk free either. LastPass was hacked last year, NortonLifeLock earlier this year.
finestnothing@lemmy.world 1 year ago
Personally the risk of bitwarden is outweighed by its convenience (compared to self hosted/local only solutions) in my opinion, but I know that’ll change real quick if bitwarden ever has a breach. If it does I’m jumping ship to a self hosted or local only solution, but I’m hoping that doesn’t have to happen
neatchee@lemmy.world 1 year ago
This is why I don’t use a common centralized password manager, just like I don’t use any of the most popular remote desktop solutions like TeamViewer for unattended access.
I run a consumer copy of Pleasant Password Manager out of AWS and use NoMachine for unattended access to any machines where I need it.
Security through obscurity is tried and true. Put as little of your security attack surface in the hands of others as is reasonable.
Hexarei@programming.dev 1 year ago
Centralized, third party password managers, yes. Local-only managers like KeepassXC though, no concerns over some company getting hacked or cheeky