[–] PepeFarmRemembers 0 points 23 points (+23|-0) ago 

All of the methods described in the article require access to the computer (either physical access or remote) and once you have access almost any security can be bypassed. Techrepublic then still advocates a cloud based password manager in the first linked article.

There is no security difference between an integrated cloud based password manager and a stand alone cloud based password manager IMHO.

[–] voatusernamevoat 0 points 2 points (+2|-0) ago 

security

cloud based

0/10

[–] Nadeshda [S] ago 

What would you recommend? Good ol’ fashioned pen and paper?

[–] VillaLopez 0 points 4 points (+4|-0) ago 

That's what I use.

[–] daveywavey86 0 points 1 point (+1|-0) ago 

keepassxc

[–] performance 0 points 1 point (+1|-0) ago 

Bitwarden is the shit. Open source, free, audited, works on any phone and all the major browsers.

[–] Moln0014 0 points 1 point (+1|-0) ago 

invisible ink

[–] logos_ethos 0 points 2 points (+2|-0) ago 

With the Intel Management Engine spying on everything that is in memory, the best option is to keep your passwords out of your system memory for a much as possible by storing them on a dedicated device: https://www.themooltipass.com/

[–] KIlerOfFreeTime 0 points 1 point (+1|-0) ago 

And what about extensions like lastpass?

[–] Nadeshda [S] ago 

I don’t personally store any of my passes online but here is discussion about it that may interest you: https://voat.co/v/technology/3323627/19638938

All digital formats of saving personal things can be compromised; this doesn’t mean it will but just that it can.

[–] KIlerOfFreeTime 0 points 1 point (+1|-0) ago 

ok, thanks for the information and that is the best way to keep passwords safe? i store them in my telegram acc and in the txt file in encrypted veracrypt file

[–] Tushen 0 points 1 point (+1|-0) ago 

I was thinking a lot about security on the web and found a new ecosystem called Utopia which is on a beta stage now. By the way, as it provides itself like the most secured thing on the web - that's twice nice that it has a built-in browser. think if everything is really like they promise to be - then using their own browser could help to stay safe and anonymous on the web.

[–] Nadeshda [S] ago 

Thank you for letting us know about this...

[–] THEx1138 0 points 1 point (+1|-0) ago 

Let's just say that the N*SA has a program to capture and catalog passwords. Now once the hackers find out about this program and get a hold of the database it will be game over for your data. Just saying.

[–] A6-EGO 0 points 1 point (+1|-0) ago 

I just use lastpass, and have been doing so for years. Yes my passwords are stored in the cloud but I am of the belief that if they had been hacked we would have known about it by now since they have so many people potentially going after them.

[–] THEx1138 0 points 1 point (+1|-0) ago 

[–] THEx1138 0 points 1 point (+1|-0) ago 

[–] A6-EGO 0 points 1 point (+1|-0) ago 

Yeah both of the links you provided do not show any actual security issues. One of the links discussed a bug which has been fixed, the rest were just phishing attacks which only work on absolut retards, so no threats there.

As for the actual attack on lastpasss, yeah that is not great but I am not worried that the hackers got away with anything, and the other attacks were once again just phishing attacks which are completely irrelevant.

[–] iitpanun 0 points 1 point (+1|-0) ago 

Use it in conjunction with a physical yubico USB device.

[–] A6-EGO 0 points 1 point (+1|-0) ago 

I could do that but I use 2FA with google authenticator instead. Works well.

[–] ardvarcus 0 points 1 point (+1|-0) ago 

I never save any passwords. I have no financial information on my computer. But then, I am not a trusting soul.

[–] anxia 0 points 1 point (+1|-0) ago 

Yeah, it sounds like they're making it sound worse than it really is. Not enough normies use Linux to make this a problem. I just had Chrome ask me for the Windows password to my bf's machine to access my own passwords in Chrome, which I didn't know so I couldn't see them (though they would still auto fill).

Still, I do agree it's probably best not to store your passwords in a browser. Esp. If you have sync turned on, they just get copied to every device you sign in on, and if you ever start to care about your privacy after that, it's a bitch to clean them off.

[–] Nadeshda [S] 0 points 1 point (+1|-0) ago 

Still, I do agree it's probably best not to store your passwords in a browser. Esp. If you have sync turned on, they just get copied to every device you sign in on, and if you ever start to care about your privacy after that, it's a bitch to clean them off.

This indeed, well said!

load more comments ▼ (3 remaining)