Oddbean new post about login | logout If my login information is breached, I'm protected by my 2FA codes. If my 2FA codes are breached, my login information are still safe. 2FA is meant to provide extra security. This is pointless if your login info and 2FA info are in the same place.
If my login information is breached, I'm protected by my 2FA codes. If my 2FA codes are breached, my login information are still safe. 2FA is meant to provide extra security. This is pointless if your login info and 2FA info are in the same place. nostr.fmt.wiz.biz
True if your password manager has a terrible security model, but not so if secured itself by multiple keys that never see exposure to the internet.
Check this out. I haven't come across another password manager with a security model like this: https://1passwordstatic.com/files/security/1password-white-paper.pdf
I love 1Password and have been using them for a few years now. I would recommend them wholeheartedly. I also recommend Bitwarden as a secondary service.
I need to look into Bitwarden's security model more, but I'd probably only feel comfortable running it locally unless they have a comparable design to 1Password. Aside from their security principles, the other thing i really love about 1Password is how multiplatform they are. Wonderful apps for Windows, Mac, and Linux, and they have a cli and SSH agent i use in Linux.
I agree with your points. I use 1Password multiplatform to host my login details for various services. I run Bitwarden locally to manage 2FA codes for my most important accounts. I really like that both services allow you to export your data as a csv.