undefined | Better HN

0 pointsgeofft6y ago0 comments

No, for all the major / well-respected password managers (and probably for all the minor ones too), all the crypto is done client-side.

1Password, for instance, has a pretty good security doc about it: https://1password.com/files/1Password%20for%20Teams%20White%...

0 comments

wglb6y ago

It is unclear if LastPass is well-respected, and if I recall correctly, at least at one point, the master key was accessible by the server.

j / k navigate · click thread line to collapse

0 pointsgeofft6y ago0 comments

No, for all the major / well-respected password managers (and probably for all the minor ones too), all the crypto is done client-side.

1Password, for instance, has a pretty good security doc about it: https://1password.com/files/1Password%20for%20Teams%20White%...

wglb6y ago

It is unclear if LastPass is well-respected, and if I recall correctly, at least at one point, the master key was accessible by the server.

j / k navigate · click thread line to collapse