Keepass2android google drive
12/29/2023

I've heard it on the Michael Bazzell podcast and maybe read it in his book Extreme Privacy 4th edition sometime last year, but I can't find it right now. Better be safe than sorry though, I have 4 encrypted offline backups in different locations of my recovery files (Bitwarden, Aegis, Crypto Seeds, etc).

LeoLela What do you suggest? Is it enough to have backups of your keepass files, or should we also have a different database format? The second option sounds like it would be a maintenance nightmare.

A simple and up to date backup of your keyfile in 2 different places should be enough, if your threat model doesn't include protection against targeted attacks from 3 letter agencies that is.

But does Google Password Manager have a separate master password, or can they just reset your account password? If it were really secure with E2EE that Google itself can't access/change, then a Google account password reset or 2FA reset would invalidate existing password vaults, locking out the user (which is actually a good thing) unless they have their recovery codes. At that point, only the "master password" is protecting your password database. If the provider (say Google or Lastpass) has the ability to reset your 2FA token, then your passwords are not really as secure as you think. There is a lot of false sense of security with 2FA and password managers.

At that point, LEA can sync a password database, right? LastPass, on the other hand, at least can't reset a master password.

But can't Google perform a 2FA reset or add new keys to your account? They can also reset your Google account password. What happens if Google is legally compelled to hand over your entire Google account to LEA? I know the password vault is on the device, and E2EE.

Google manager is also encrypted and free with 2fa

For Google Password Manager, is the password and 2FA token different / separate from your Google account?
We just have to make informed decisions according to our threat models. There are use cases for almost all solutions, even ProtonPass in its current form. But if your needs for a Password Manager are to be offline and have 2FA support for free, KeePassDX is currently the best. Both Google and KeePassDX don't have feature parity with a Bitwarden subscription if emergency access, convenient password sharing or breach reports are important. Google is super secure but some might not want to feed them any data (even encrypted).

The keepassdx manager is totally encrypted and free (with 2fa), the Google manager is also encrypted and free with 2fa too, so why pay even 1€ is the question!

It was quickly fixed, but this can happen anytime to any password manager, which is why you always need at least one offline backup of all your passwords and 2fa seeds no matter which software you use. Most of us agree KeePassXC/DX is the best offline Password Manager, but not long ago there was a bug which compromised the keyfile of some users who then lost access to all their passwords. Just want to add that offline managers come with their own risk.

You can lose access to the service and to all your passwords (the service goes out of business, the service gets blocked at your location, it's too expensive, etc.)

LeoLela I like Proton in general, but if you keep your passwords on an online service then you will have the following problems:

A security compromise can expose your passwords

That would mean company teams or heirs, for both of which I need a business or family account anyway. I would only store the second factor in Bitwarden (instead of apps like Aegis) if I wanted to make sure somebody else has a convenient way to access my accounts. Think about it: It adds convenience, but reduces security to store the second factor in the same location as the password.
That is somewhat annoying indeed, but in my opinion it makes for a better business model and it's a good "education" for free users.

And it doesn't even support 2fa in the free version.