undefined | Better HN

0 pointsStavrosK9y ago0 comments

It's not really very much more effort. I use KeeFox (Firefox) and Keepass2Android (you can guess). I love both tools, they've made password management trivial, and I used to be a die-hard "one password for everything is just so much more convenient" fan.

0 comments

the84729y ago

> I use KeeFox (Firefox)

Integrating with the browser is probably a bad idea, it shortens the exploit path from a webpage to your password store.

Using a standalone application and using the clipboard would require a malicious website to break out of the browser and then break into the password store process, which could in principle run under a different user and interact with the clipboard through some broker process.

cyphar9y ago

Given how broken clipboards are, using a clipboard isn't much more secure. Though, an extension can probably request credentials so it is a trade-off.

icebraining9y ago

How do you sync the two?

StavrosKOP9y ago

I keep the file in Dropbox, Keepass2Android automatically syncs it every time I open the database and merges any conflicts. It's pretty nifty, I've never had a problem.

j / k navigate · click thread line to collapse