by eigenspace 2069 days ago
Regarding outages, services such as 1Password allow you to locally save your keys. An outage might interrupt synchronization, but you won't lose access.

As for the other concerns, I'd say these concerns are all present in the 'single password re-use' strategy as well, except instead of choosing one single company to trust with your stuff, you now have to trust every single website you log into to safeguard your passwords, lest a malicious actor get access to everything.

I agree there are downsides to services, but I disagree very strongly that the situation with services is no better than just re-using a password.

1 comment

It still goes against the principle of defense in depth. You defeat one layer and you gain control over everything.

Even if that layer is composed of a password and MFA, it is still one layer.

And by using a SaaS password manager you would have also done another part of the job on behalf of the adversary: enumerate what they have access to.

If you are a VIP, persistent adversaries will find a way somehow.