Strong, random passwords generation: OK.Il also includes its own strong random password generator KeePass is a solution I’ve known for a while.įor people who administer many machines or databases at my clients’, it’s great solution, storing everything in a single, encrypted KDBX file, protected with a password. I chose the latter, which brings us to an open-source approach.Ī Self-Hosted, Open-Source, Equivalent Setup # Password manager… # If they decide to change the conditions for me to access my data, like they just announced they will, I must either comply or leave. If they get breached, as it happened once in the past, even if they work hard to make sure the data could not be compromised, I could lose everything. There are two major flaws with this approach: Then I’d grab my phone and generate the TOTP for confirmation of my identity and I would be in. When I needed to login, the browser extension would ask me my master password and autofill the form. Security is always a compromise between cost and usability.īasically, my setup was simple: all my data was on LastPass’s servers. That may not be a smart move: if someone could grab my LastPass data, they would have both my passwords and OTP seeds. Lately, I’d been moving all my 2FA settings to LastPass to have all in one place.
0 Comments
Leave a Reply. |