[cribble2k]

As per Android Central
https://www.androidcentral.com/apps-...reach-incident

Glad my passwords are safely stored in Google's built in password keeper.

Sent from my Pixel 6 Pro using Tapatalk

[conite]

As per Android Central
https://www.androidcentral.com/apps-...reach-incident

Glad my passwords are safely stored in Google's built in password keeper.

Sent from my Pixel 6 Pro using Tapatalk

At least the passwords are encrypted and remain safe.

[Paul Reichert]

At least the passwords are encrypted and remain safe.

But stored up till quantum computing becomes a thing and it cracks like a walnut.

[Tsepz_GP]

It’s been years since I used LastPass, sounds like it won’t be easy for the hackers to get through the Master Passwords though lol

[Ph1llip]

Dont use a password app that syncs to a cloud. Ever.

[Dunt Dunt Dunt]

Dont use a password app that syncs to a cloud. Ever.

Good idea, but then that's not very convenient...

I know many don't like the "big boys" of tech... but in the end I trust them more than small time players.

[Ben xfg]

Dont use a password app that syncs to a cloud. Ever.

I use BitWarden and like to think of it as a pretty good option for seamless password sync across all my devices. Am I mistaken?

[Ph1llip]

I use BitWarden and like to think of it as a pretty good option for seamless password sync across all my devices. Am I mistaken?

I simply believe that the primary consideration for a password manager should be Security.

Convenience is another and also valid consideration as you and Dunt have pointed out. But I don't think it should be at the expense of security. And unfortunately, if your information syncs to a cloud, even if encrypted, you've provided a larger "attack surface" for yourself. It doesn't mean a a hack will be successful, especially around assets protected by cryptographic means, but you've created a risk which in itself is not good practice.

The five minutes it takes to transfer passwords from one device to another is not really that inconvenient. And as a general rule, you should limit the number of devices you sync your password repository to, anyway. Decreasing your attack surface is very good practice.

The interactions between Security and Convenience are two concepts that should be carefully considered when designing a process or system. And it's just my humble opinion that syncing all your passwords to a cloud you don't own, control or manage is too big a risk.

[brookie229]

I simply believe that the primary consideration for a password manager should be Security.

Convenience is another and also valid consideration as you and Dunt have pointed out. But I don't think it should be at the expense of security. And unfortunately, if your information syncs to a cloud, even if encrypted, you've provided a larger "attack surface" for yourself. It doesn't mean a a hack will be successful, especially around assets protected by cryptographic means, but you've created a risk which in itself is not good practice.

The five minutes it takes to transfer passwords from one device to another is not really that inconvenient. And as a general rule, you should limit the number of devices you sync your password repository to, anyway. Decreasing your attack surface is very good practice.

The interactions between Security and Convenience are two concepts that should be carefully considered when designing a process or system. And it's just my humble opinion that syncing all your passwords to a cloud you don't own, control or manage is too big a risk.

I sync a limited number of devices to my own cloud only and admit that it may not be as convenient in some circumstances, but like you, I believe that is a small price to pay for peace of mind. At least imo.

[Ph1llip]

I sync a limited number of devices to my own cloud only and admit that it may not be as convenient in some circumstances, but like you, I believe that is a small price to pay for peace of mind. At least imo.

You're in good company. I don't mean me, but Federal agencies who do exactly as you do:

- Copy only when necessary
- Own, control and manage the infrastructure as much as you are able
- Lower the "accessibility temperature," i.e. use cold storage if you can, warm if you can't and hot only when absolutely necessary and no other alternative exists.

[SteinwayTransitCorp]

Dont use a password app that syncs to a cloud. Ever.

Here’s an idea have a small book and write down the password. Amazing.

[Paul Reichert]

Here’s an idea have a small book and write down the password. Amazing.

That's what I do. If I lose the book, my handwriting isn't hackable and that's another layer of protection.

[Tsepz_GP]

Lol, one thing I am not going to do is sit here and act like my particular solution is better than LastPass, given the number of data breaches I’ve read about just in the last year, I won’t be surprised if a major breach is being dealt with at Apple or Google as we speak.

What one should do is ensure they regularly change their passwords and probably try keep your most important ones (banking etc…) away from any tools. If someone were to get my iCloud or Google passwords, they would still not be able to access my banking, insurance, investments or retirement accounts/profiles.

[Ph1llip]

Here’s an idea have a small book and write down the password. Amazing.

[brookie229]

Here’s an idea have a small book and write down the password. Amazing.

With me the book would be lost in 10 minutes - maybe left behind in a coffee shop.

[SteinwayTransitCorp]

That's what I do. If I lose the book, my handwriting isn't hackable and that's another layer of protection.

With my handwriting I’m lucky I can read it sometimes

[dmlis]

With my handwriting I’m lucky I can read it sometimes

It's good. If "they" kidnap you, you will not reveal your passwords even if tortured! Ah, wait...

[SteinwayTransitCorp]

It's good. If "they" kidnap you, you will not reveal your passwords even if tortured! Ah, wait...

Your not well, I love it