Hacker News new | ask | show | jobs
by teddyh 1345 days ago
We should stop manually entered passwords. Using a password manager (like the one built into your web browser) with unique secure passwords is fine.
1 comments
Wowfunhappy 1344 days ago
How do you authenticate the password manager?
link
SketchySeaBeast 1344 days ago
With Keepass you can use a yubikey or key file.
link
teddyh 1344 days ago
The context was to stop entering passwords into web sites. The password manager is run locally.
link
layer8 1344 days ago
Passwords for websites are (hopefully) hashed locally. And more importantly, how does it make a difference whether you or the password manager types in the password into the web form?
link
Wowfunhappy 1344 days ago
> And how does it make a difference whether you or the password manager types in the password into the web form?

Well, because a hidden camera can observe a human typing their password, whereas a password manager does not need to press any physical keys.

However, a camera can observe a human typing a master password into their password manager, which is where I was originally going with the question.

link
layer8 1344 days ago
I meant regarding local vs. nonlocal, what the GP objected to.
link