clark800 | 9 years ago

I've been surprised by how negative the opinions of deterministic password managers have been since I've been using one for over two years and it has been a much better experience overall than using KeePass on Dropbox, and I also think that it's more secure than cloud-based systems (see point 4).

My take on the points in the post:

1. Out of the 100 or so sites that I use, only a few have password policies that require tweaks, and it usually just requires disabling symbols and/or adjusting the length. These tweaks are cached in my browser, so this hasn't been much of an inconvenience.

2. My passwords are rarely revoked, and when they are it is just a counter bump. This is state, but again it is cached in the browser.

3. It's true that they can't store existing secrets, but this can be viewed as out of scope for a password manager.

4. For the application I use, it's not true that exposing just the master password exposes all of your site passwords. There is a 512-bit private key that is synchronized once between devices using a QR code. An attacker would need both the master password and the private key file to generate any passwords. Because the private key only exists on devices I physically own, this should be harder to obtain than an encrypted database that lives in the cloud, so I view this system as more secure than KeePass on Dropbox, LastPass, or 1Password.

My experience over the past two years has been that the advantages are more significant than the disadvantages.

pwinnski|9 years ago

If your browser is caching all of your passwords, I think you've got security problems well outside the scope of your choice of password managers.

clark800|9 years ago

Only the override parameters for a site are cached, such as a boolean to indicate that symbols are disabled or an integer reset counter. The passwords are never cached.
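
An added example, not part of the thread and not the code of the unnamed application: a sketch of the scheme clark800 describes in the two comments above, where a password is derived from the master password plus a 512-bit device-only key, and the only per-site state is a symbols flag, a length and a reset counter. The function names, the PBKDF2/HMAC-SHA512 construction, the iteration count, the symbol set and the sample inputs are all assumptions.

```python
import hashlib
import hmac
import string

ALNUM = string.ascii_letters + string.digits
SYMBOLS = "!#$%&*+-=?@^_"  # assumed symbol set

def root_key(master_password: str, device_key: bytes) -> bytes:
    """Stretch the master password, salted with the device-only key file.
    Neither secret alone is enough to reproduce the result."""
    if len(device_key) != 64:  # 512-bit key, as in the comment above
        raise ValueError("device key must be 64 bytes")
    return hashlib.pbkdf2_hmac("sha512", master_password.encode(),
                               device_key, 100_000)

def site_password(root: bytes, site: str, counter: int = 0,
                  symbols: bool = True, length: int = 16) -> str:
    """Derive one site's password from the root key and non-secret overrides."""
    alphabet = ALNUM + (SYMBOLS if symbols else "")
    # Reject bytes >= limit so every character is equally likely (no modulo bias).
    limit = 256 - 256 % len(alphabet)
    name = site.lower().encode()
    # Length-prefix the site name so (site, counter) pairs cannot collide.
    prefix = len(name).to_bytes(2, "big") + name + counter.to_bytes(4, "big")
    out, block = [], 0
    while len(out) < length:
        stream = hmac.new(root, prefix + block.to_bytes(4, "big"),
                          hashlib.sha512).digest()
        out.extend(alphabet[b % len(alphabet)] for b in stream if b < limit)
        block += 1
    return "".join(out[:length])

# Constructed sample inputs; a real device key would be 64 random bytes.
DEVICE_KEY = bytes(range(64))
ROOT = root_key("correct horse battery staple", DEVICE_KEY)

if __name__ == "__main__":
    print(site_password(ROOT, "example.com"))                 # default policy
    print(site_password(ROOT, "example.com", counter=1))      # after a revocation
    print(site_password(ROOT, "example.com", symbols=False, length=12))
```

The overrides (`counter`, `symbols`, `length`) are the only values that need to be stored, and they reveal nothing about the password without both secrets.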

eikenberry|9 years ago

I'd guess he doesn't mean cached, but instead means that his web browser works with this system keyring (or has its own) to save/use the passwords.

cschmidt|9 years ago

What system are you using?