Most people don’t use many services where security is important. It’s not uncommon to have several hundred accounts with passwords, but I have maybe 10 that I really worry about being hacked/lost. For all the crap sites I can just use $singlepassword+$servicename as password. For the few sensitive ones I use strong passwords and 2FA. I do use a manager to keep those strong passwords - but even though I have it, I can’t be bothered to use strong passwords for all those forums, web shops etc.
Is my solution secure? No. Using a bad password for hundreds of sites is definitely not secure - but the quality of a password only needs to be proportional to the sensitivity of what it protects.
When I started using a password manager I did something similar, but I told myself every site which used the "insecure" password was linked. So I'd ask myself "If someone hacked the least consequential site I've used this password on, they'd also have hacked this site, do I care?"
It was very rare that the extra 30 seconds to add a new entry to the password manager wasn't justified after asking myself that question.
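The "every site sharing a password is linked" thought experiment above can be made concrete. The script below is an added example, not code from anyone in this thread: it takes a constructed service-to-password map (placeholder values, not real secrets), groups the services by shared password, and reports the blast radius of a single leak, i.e. which other accounts fall if one of them is breached. The service names and passwords are assumptions made up for the demonstration.

```python
"""Blast-radius check for password reuse (added illustration, constructed data)."""
from collections import defaultdict
from typing import Dict, List

# Constructed sample vault: service -> password. Placeholders only.
# The three low-value sites deliberately share one weak password, mirroring
# the "$singlepassword for crap sites" habit discussed in the thread.
SAMPLE_ACCOUNTS: Dict[str, str] = {
    "bank.example": "placeholder-unique-1",
    "mail.example": "placeholder-unique-2",
    "forum-a.example": "shared-weak",
    "forum-b.example": "shared-weak",
    "shop.example": "shared-weak",
}


def linked_groups(accounts: Dict[str, str]) -> List[List[str]]:
    """Return the sets of services that are linked by sharing a password.

    Only groups with more than one member are returned: a password used on a
    single service does not link it to anything else.
    """
    by_password: Dict[str, List[str]] = defaultdict(list)
    for service, password in accounts.items():
        by_password[password].append(service)
    return sorted(sorted(group) for group in by_password.values() if len(group) > 1)


def blast_radius(accounts: Dict[str, str], leaked_service: str) -> List[str]:
    """Services that an attacker can also log into if `leaked_service` leaks
    its password in cleartext (or it is cracked from a dumped hash)."""
    leaked_password = accounts[leaked_service]
    return sorted(
        service
        for service, password in accounts.items()
        if password == leaked_password and service != leaked_service
    )


def worst_case(accounts: Dict[str, str]) -> int:
    """Largest number of additional accounts exposed by any single leak.

    This is the number the commenter's question ("if someone hacked the least
    consequential site, do I care?") is really about.
    """
    return max((len(blast_radius(accounts, s)) for s in accounts), default=0)


if __name__ == "__main__":
    for group in linked_groups(SAMPLE_ACCOUNTS):
        print("linked by a shared password:", ", ".join(group))
    print("worst-case extra accounts exposed by one leak:", worst_case(SAMPLE_ACCOUNTS))
```

Run against a real export from a password manager (most can export CSV with service and password columns), the same three functions show at a glance which low-value sites are silently chained to one another, and whether any high-value account has ended up in such a chain.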
I think it all comes down to ease. Yes, some secure passwords are better than none, but it's just soooo easy I'd just say go with the PM
You're right, but that doesn't mean he's better off with a password manager. No method of storage is perfectly secure. Password managers have their attack vectors, your brain has others.
'U2F + password' is very secure and can't be phished if implemented fully. However, even Google doesn't do U2F correctly :( U2F authentication needs to happen _every_ time a new TLS session is established in order to be 100% phish proof
I use abbreviations of several different long sentences with random characters added in random positions.
To me this is far more secure than trusting a single authoritative source with 10 different random character strings that I have no real ownership of, and can all easily be stolen (or lost) at once.
I have at least 50 different passwords in my 1Password account
And 1Password supports syncing via services other than their own and each device acts as its own backup too, so you’re really only relying on their service to shuttle around an encrypted keystore to your new devices.
Ok, but the core of the argument to me is "Is having a bunch of passwords that you don't actually know all in one place more secure than having a smaller bunch of passwords that you do actually know that, still, can at most be leaked one at a time?"
For me the answer is no. I would rather have fewer technically less secure passwords than have technically more secure passwords that all live in one place. My passwords live "nowhere". There is no database breach, or peek over the shoulder that could ever compromise my entire wellbeing.
>Is having a bunch of passwords that you don't actually know all in one place more secure than having a smaller bunch of passwords that you do actually know that, still, can at most be leaked one at a time?
It’s been repeatedly demonstrated that yes, it is.
Meaning you have consulted a sea of research that has compared the risk posed by password managers to keeping a mental catalogue of long, not-random-but-pretty-good character strings, using 2fa, and exercising proper security habits?
I don't think you could ever come to an objective conclusion, since the 99%-user doesn't have a near-autistic obsession with security like most of us.
The answer is yes. For the large majority of users, the only thing that matters is that you never reuse your passwords. Since human beings cannot feasibly remember unique passwords for each service, password managers win.
This "problem" has precisely nothing to do with open source vs closed source. "Tell me the list of activities that are public" and "tell me the name of each activity as I launch it" are babies-first-app-analysis level and work equally well on open and closed source apps.
Are we really concerned about an exploit that requires somebody to have unlocked access to your phone?
I'm not saying that's the problem, I'm just suggesting that you have to have a lot of faith in a company to trust it with all of your passwords, especially when there's only a handful of eyes on its source code.
It's not for me, personally.
And yes, because the scariest aspect of password managers is the fact that you have basically shifted the responsibility of "I use the same password everywhere" to a different party.
Given the recent number of cripplingly awful security bugs that have been found in open-source infrastructure projects (Shellshock, Heartbleed, etc.) which have been in the wild for many years before being discovered, I'm rather less interested in arguments that open-source software is supposedly more secure than closed-source due to the number of eyes that are supposedly on it. When was the last time there were any security flaws of that magnitude in the Windows Server/IIS stack?
The reality seems more like that even if anybody can look at the code, auditing security code well is damn hard, very few people can do it well, and those people basically never audit open-source projects in their spare time. How secure something is depends more on how battle-tested it is, how good the people who wrote it are, and how well and often it's been tested for security flaws by experts.
Prove that open source has more eyes than closed source. You can't because in reality it's most likely not true for the vast majority of software. Most software requires an incentive to look over the code and the skill to do it. The incentive to do it for closed source is money, open source is warm fuzzies or personal interest. I really love open-source software but code review is clearly not a benefit for the vast majority of people.