Hacker News new | past | comments | ask | show | jobs | submit login

I know people will deny it but don't underestimate security by obscurity. Why use the most well known password manager which is a huge target for nation states everywhere? Nobody is attacking my provider (which I won't say)



I have never really liked the idea of a password manager synched to a central server. Everyone always made excuses for it because each one is encrypted for each user and whatnot but it just means an attacker only needs to hit one spot to get a slew of vaults.

I liked 1Password for a long time because it gave you an option to sync with iCloud, Dropbox, FTP, etc. Then they started their own service like LastPass and started trying to push people to that. They got backlash initially and turned the other abilities back on but I'm sure they're trying to make it as difficult as possible to continue to use anything but synching to their server.

I've since moved to Keepass and sync it with my NAS


nation states? lol.

I would rather use the most popular password manager that's been audited, and never had a hack (1Password).

Then we have your "less well known" provider. They have probably outsourced their dev work to cheapest Indian firm they could find.

So I guess congrats on your data being public?


Nobody is attacking my provider

Would you know if they did? Would your provider know?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: