John OpdenakkerI’ve asked this on Twitter before but let’s also try it here in the hope to reach more people outside of the #infosec bubble.
Do you use a password manager?
Reblogs appreciated!
Yes
No
What’s a password manager?
Show results
Poll ended at .
For the people that answer no, also interested to know why. Is it because you don’t trust it, or rather because you don’t know how to use it, or…?
ocdtrekkie@j_opdenakker Password managers are a single point of failure, all of which have experienced some sort of major vulnerability or compromise. While I've used them in *very limited* contexts, I consider them a generally bad idea, and actively encourage the security industry to stop recommending them.
A cloud-synced password manager can be attacked by anyone on the planet, the post-it note on my monitor can be attacked by people who can see into my office. The latter is vastly more secure.