![]() ![]() ![]() Desktop application for easy use outside the browser.Choose where to host your password database.TOTP (time-based one time password) generator.Free functionality – even for services with paid tiers, your password manager should remain functional if you can’t pay the bill.Easy import/exporting to other managers – you should be able to stop using the product or service if you need to.Independent – not tied to another subscription or service that you may one day no longer need.Zero-knowledge master password – you should be the only person who has your password not the company providing password management service.Cross-platform, multi-device access – if you need them,your passwords should be as easy to get at on your phone as on your desktop PC.I use a second password manager and a backup Yubikey as my own solution. Another route can be to use a Yubikey or have a backup phone running the same TOTP with Google authenticator. Dashlane’s free option works great for that and the fact that it can only be used on 1 device might be a security feature in this case You could also use LastPass’ Authenticator app and have it backed up via a linked free LastPass account. (2) I’d simply use a second password manager that can store TOTPs. In general I do not like security features that tie themselves to a phone number. But a 2FA that advertises the ability to be logged in via a browser extension, desktop app, and mobile apps adds a lot of unnecessary attack vectors and thanks to human nature users might login via all of them for convenience. As far as I know they are not in any form competing in the password manager space. Why does Bitwarden and 1Password recommend Authy? Probably because it’s not bad in terms of security and because it is forgiving in terms of cloud backup and recovery options. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |