#1password sucks password#
I’ll phrase the following generically, as it is pertinent to every password manager, whether it is using the password manager’s own cloud, a cloud service like OneDrive etc.
:max_bytes(150000):strip_icc()/1password6-56a4113d3df78cf77280b8bf.jpg "1password sucks")
Unless they strike lucky - they start on your blob and you used a weak password that is easily guessed - you will have several lifetimes in which to go around and change all your passwords. You have to place your trust somewhere, and if you are using a PC, tablet and smartphone, a dedicated cloud service makes the most sense, as they should be professionals and they should know what they are doing… Even with the LastPass data leak, they only have the encrypted blob, the usernames and passwords should still be secure, the hackers will need to brute force each blob individually, as “everybody” has their own strong master password, so it will take millenia to break into each blob, using current brute force techniques and state of the art hardware.
#1password sucks full#
Likewise, if you use your own private cloud (a NAS with DynDNS or a server running NextCloud etc.), you have the same problems as the full cloud services, with the added point of you probably not being a full systems administrator, security expert and pen tester, so your system probably isn’t as well implemented and secured as a professional cloud service - especially if you don’t keep it updated. If you are hit by crypto malware, your blob won’t be accessible, unless you made your own backup. If you have it local and your system is hacked, the encrypted blob is available to the hacker as well. If you have the data on the cloud, you are at risk if the cloud service gets hacked - whether that be a password manager cloud, or iCloud, OneDrive, GDrive, HyperDrive etc. That is the problem with all password managers, either the data is held locally, so you have to find some way of keeping various devices in sync yourself, without using a cloud service, or you use the convenience of a cloud service to automatically sync the password database between devices.Īs soon as you go for a convenient solution, you lose a point of security, but you gain flexibility and redundancy, without having to worry about it yourself.
0 kommentar(er)
