pwm
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| pwm [2026/05/23 14:27] – particles | pwm [2026/05/26 02:43] (current) – [Awkward password managers] particles | ||
|---|---|---|---|
| Line 30: | Line 30: | ||
| This section is for advanced users. By " | This section is for advanced users. By " | ||
| - | I don't use [[hosted_pwm|cloud-based password managers]] or suggest them to security conscious people. The attack I worry about with these is not realistic, but I consider it unacceptable for security professionals or high risk individuals((High risk individuals like people who would be targeted by governments, | + | I don't use [[hosted_pwm|cloud-based password managers]] or suggest them to security conscious people. The attack I worry about with these is not realistic, but I consider it unacceptable for security professionals or high risk individuals((High risk individuals like people who would be targeted by governments, |
| + | |||
| + | For advanced users, consider a custom KeePassXC setup, [[pwm_personal|like the one I use]]. The basic gist could apply to any offline-only password manager, but basically you need your own solution to access your vault from where you need to access it, a backup solution, and probably a plan for how to recover if you need to do that. | ||
| + | |||
| + | I don't really suggest using gopass/ | ||
| + | |||
| + | I don't really find it comfortable to use anything using PBKDF2 with a custom iteration count these days. It gets into really odd territory where you have to judge the iteration count and actually care about it. [[https:// | ||
| + | ===== Awkward password managers ===== | ||
| + | |||
| + | - LastPass. LastPass has had corporate data breaches and security vulnerabilities that warrant not using it, probably at all. | ||
| + | - Bitwarden. Bitwarden should not be as bad as it is, but there are routinely security vulnerabilities in this product. If you self-host Bitwarden or Vaultwarden and don't expose to the internet, your risk decreases dramatically because it turns into an offline password manager, but doing these activities requires some work. < | ||
| + | - [[https:// | ||
| + | - See [[https:// | ||
pwm.1779514072.txt.gz · Last modified: by particles
