| Sure. A long time ago, I had a gut feeling that 3rd party password management across the board was a bad idea. Three parties having secrets is objectively worse than two. I quieted that notion in my head owing to "experts" giving bad ideas (like yours above.) The fallouts are happening andI was right. Ledger, was it 1Password? Whoever. "Hygiene" and "User experience" and whatnot are dangerous weaselly ideas used by "security" companies to convince themselves that what they're doing isn't inherently a bad idea. "No brainer" should never be used because security is inherently hard. As we have fully seen, you can't "easy user experience" it away. It's difficult. Right now - every old person that y'all make fun of with their passwords in a little notebook? They're doing better than most. Now. I do believe there is room for companies. But with the following example I'm going to prove how absolutely full of crap most of these security companies are and it's REALLY simple. Indemnify me. I will pay for your product that saves passwords if you IDEMNIFY me. You can have 10? 30? bucks a month if and only if when I get breached you pay me $100,000. No one's going to take this deal, proving that they're mostly worthless. |