[planb]

When do you have a password in plain sight? On the other hand, a key logger that extracts the passphrase for my password manager and steals the database file of it would be a disaster. I’d rather have an attacker browse through years of screenshots.

[pseudalopex]

> When do you have a password in plain sight?

When I generate a new password.

[parpfish]

Or when you click the little eye icon to show you a password when you’re typing it in or looking at it in your password manager

[hypeatei]

Recall is just a massive trove of data and there is no single way it can be abused. For example, key loggers are extremely noisy (bunch of keystrokes being dumped into a log) and an attacker could use the data to see when the last time the user logged into their password manager was to narrow down the search.

[croes]

>On the other hand, a key logger that extracts the passphrase for my password manager and steals the database file of it would be a disaster

Too bad that's it's not either or but on top of that.

So they can steal your current and past secrets.

The total package.

[metalspoon]

Oh, why care about key loggers. They are rare. On the other hand, a serially killer in my house would kill me literally!