7/7/2023 0 Comments Safeincloud password![]() ![]() Open source does not imply that a particular app is any better or more secure. I now require open source for certain parts of my computing stack, to wit the password manager. ![]() Past performance is no measure of the future.Īs far as password managers in general, I agree. Re Google and Apple: we should not rely on their reputation. I mean, there are some places where cryptographic security might be slightly weakened in favor of usability? But nothing really stands out in my mind. Re the tradeoffs we don't know exactly what the author meant. Interesting feedback, not sure I will do it justice. But I don't think that is a good deal for you. If you are willing to pay $36/year for 1Password - forever - you can get a better experience. I know it's a lot of work, but I hope you understand why many of us feel it's good enough. Immediately log out and in again to test the new password. Go back to the browser and finish signing up for the new site. Be sure to save it, and copy the news password to the clipboard. Open the app and create the new entry, including the new random password. Most of us disable this feature in Bitwarden entirely and add/update the password by hand. This may not br a feature you want to continually pay for. Even if this is your first vault, this inconvenience is temporary. If you have an existing vault, there are says to import those entries into Bitwarden. For example, my vault is over 20 years old I add new passwords perhaps once every three months, and I never update passwords unless there has been a breach. After you have populated your vault this will no longer be an important feature. You also don't pay as much, since Bitwarden doesn't require an unwashed horde of programmers to continually update those heuristics.Īlthough you might get a better experience from, say, 1Password (as well as spend more money funding that horde), you might want to first think about the long view. ![]() That being said, Bitwarden does not do as good a job as some competitors. Even then, I have seen websites where they pull really rude tricks, even going so far as to disable pasting into the password field, or they change the web form after the page has loaded.Įven when it works, the developers are playing an endless game of whack-a-mole, tuning the heuristics for the most popular sites (when they can) and fixing heuristics for existing sites as they get updated. Developers are forced to use heuristics to recognize when this is happening. Web pages are just too different from one another for programs to reliably detect when this is happening. Library of Password & Authentication Researchįirst, this is not a generally solvable problem. Discussions about the general issues of generating or storing your passwords are fine. This is not /r/TechSupport or /r/HowToHack so don't post asking for help recovering a password or gaining access to online accounts. We are primarily interested in topics that promote the industry's understanding of what authentication risks we face, what practices do or don't work, and what general technologies or software exist to improve the status quo. This subreddit is dedicated to the scientific discussion of passwords, biometrics, CAPTCHAs, secret questions, MFA/2FA/2SV, or other factors related to user authentication. ![]()
0 Comments
Leave a Reply. |