by Modified3019 532 days ago
Passphrases are much easier than passwords in this regard. Though I fear keylogging more than brute forcing what my main password is.

But this is why I use security keys like yubikeys. Doesn’t matter if an attacker knows my main password for any number of reasons, there’s fuckall they can do with it without my physical key.

And even if they get into my vault and extract passwords, for many websites (in particular the most important ones) they’d still need to use my security key, they can’t just use the passwords.

Attacks are still possible (with browser session fuckery?) but much harder than yet another breach where a website was storing passwords in plaintext.

Note, it’s best to not select “remember me” for Bitwarden: https://bitwarden.com/help/twostep-faqs/#q-why-is-bitwarden-...

1 comment

This leaves you too vulnerable for my taste.

I like, no, I think it's simply a hard requirement, that I can recover from nothing but the contents of my head. I can wake up naked in a foreign country and regain everything.