So this came out today:
“Severe” password manager attacks steal digital keys and data en masse
There are lots of nifty helpful password manager tools out there, that will seamlessly allow you to create and use your passwords across all your devices. I don’t use any of them.
I do use a password manager (DataVault, if you are interested.) It has some nifty cloud features that I ignore. I sync by WiFi, on my local network. Only. I had problems with the browser integration, so I don’t use auto-fill. I go to the app, find the password I want, and copy it.
It takes some effort, but it’s not going to be compromised by someone’s poor site security. It’s not that I think all those other people are bad programmers, it’s that they are people and they are programmers and bugs and other problems happen. Even without the slightest bit of poor coding, there could be a weakness in a 3rd party library, operating system, hosting service, or other thing the system is dependent on.
If you think I’m a horrible Luddite disparaging the wonders of modern hosted services, Spouse keeps his passwords as a text file saved in his system keychain and only accesses certain sites from his primary laptop in a secure location. Another perfectly acceptable solution.
Leave a Reply