top | item 40544602

(no title)

At least the password manager I use has solid encryption. I can control where the file lives and what file permissions it has. For instance, I can keep it on a USB stick that I only insert when I need a password and then remove the stick afterwards.

I do not remotely whatsoever trust Microsoft or Windows to keep their Recall database secure and offline. Attackers will know exactly where the file is, unlike with my password manager. There's no shortage of Windows privilege escalation exploits to gain TrustedInstaller status to read any file on the system.

discuss

No comments yet.