|
|
|
|
|
|
by sneak
1922 days ago
|
|
|
This is a false dichotomy. Nobody is claiming that mindlessly clicking "update" guarantees safety. I run a private fork of the bitwarden client, anyway. Their stock one partially trusts the iteration count of the PBKDF provided by the server, and can be tricked into sending a low-iteration hash of the master password. |
|
|