undefined | Better HN

0 pointstoasted_flakes5y ago0 comments

If only we had a secure place to store all of the horcrux strings that are unique per-website!

Joking aside, I don't see the point of this. It guards against exactly one attack (your password manager somehow revealing all your passwords) which is unlikely, but not against a whole lot of other (slightly more generic malware, phishing, ...) whilst making logging in harder (there's now a manual process).

If you're willing to go such lengths, enable 2FA on more accounts (which the articles mentions, points for that) or get a physical token for your password manager.

0 comments

djeiasbsbo5y ago

That might be likely if the password manager database is stored in the cloud. iCloud hacks seem to be at least somewhat common and iOS users often hsve no other means of syncing their password manager database.

gruez5y ago

Isn't that a non-issue if the cloud version is encrypted?

j / k navigate · click thread line to collapse