Password managers don’t protect secrets if pwned
www.theregister.com
: Researchers demo weaknesses affecting some of the most popular options

cross-posted from: https://infosec.pub/post/42164102

Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…

  • nieminen@lemmy.worldEnglish
    3·
    20 hours ago

    That’s why I liked password store, no servers, just my encrypted password files on my own computer, that I sync over to my other devices.

    Apparently it’s dying soon through, so I need an alternative.

    • vrighter@discuss.tchncs.deEnglish
      7·
      20 hours ago

      i use keepassxc for the offline database part, and syncthing to sync it (among other things) between all my devices

    • PodPerson@lemmy.zipEnglish
      2·
      16 hours ago

      I was enjoying 1Password until they went completely subscription, so I switched to Strongbox (based on Keepass) and it’s been pretty good. DB stored locally and I use my own tools to sync that vault to my other devices.