

We should distinguish between offline password managers (like Password Safe) and online password managers (like LastPass). Offline password managers carry relatively little risk. It is true that the saved passwords are a single point of failure. But then, your computer is a single point of failure too. The most likely cause of a breach is getting malware on your computer. Without a password manager, malware can quietly sit and capture all the passwords you use. With a password manager, it's slightly worse, because once the malware has captured the master password, it gets all your passwords. But then, who cares about the ones you never use? It is theoretically possible that the password manager could be trojaned, or have a back door - but this is true with any software.

I feel comfortable trusting widely used password managers, like Password Safe.
