Hacker News new | ask | show | jobs
by Zinggi 2926 days ago
When pairing a new device (or in this case a new browser), that device doesn't automatically get any keys! When adding a new device, to complete the setup you also have to be able to unlock a password group, for which you need another device that already has keys.

In short, a new device doesn't have the same power as the others from the start, first new keys have to be generated which can only happen if you are able to unlock your passwords.

So just don't setup both the Firefox and Chrome extension and you're golden.
1 comments
jazoom 2926 days ago
Ah. So you essentially need 2 devices to set up a new device.
link
Zinggi 2926 days ago
Exactly. Or even 3 if you make use of security level 3.

The only exception is at the start when there are no passwords stored yet.

link
jazoom 2926 days ago
That's pretty interesting. It's a trade-off between remembering a password and making sure you have enough devices. I personally would trust my brain (and a backup piece of paper) more than one of my devices that might die at any moment. I use KeePass, but NoKey seems great.
link
Zinggi 2926 days ago
But wouldn't you agree that your brain + NoKey instead of a piece of paper as a backup would be more secure? And more convenient, as you don't have to type your passwords anymore.

I don't wanna push you, just wanna give you some things to think about. As long as you use strong and unique passwords everywhere you're good.

Also, it's not a big problem if one of your devices dies, as long as you paired enough devices you won't lose any passwords.

link
jazoom 2926 days ago
Sorry, what I said was probably confusing.

I meant, I keep the password to KeePass in my brain and in backup places. I'm unlikely to lose all those.

>Also, it's not a big problem if one of your devices dies, as long as you paired enough devices you won't lose any passwords.

Not everyone has a million devices.

link
Zinggi 2926 days ago
Ah ok, got it. If you are already using KeePass than there is no reason to use NoKey, KeePass is great!

> Not everyone has a million devices.

I don't think that's fair. With 3 devices you're perfectly ok. Or even with only 2, if you also use a "key box" (gives you one "device" more at the cost of having to remember a password).

link