
"Bitwarden does not warn about this risk."

This is wrong. The Bitwarden client very clearly warns about storing your encryption key locally via a mandatory popup window, as seen here: https://i.imgur.com/BzXJmos.png




It looks like this is a popup for a different setting. Did you watch the video outlined in the post?

The author is arguing that such a popup should also exist when locking a vault with a PIN only.


I'm pretty sure that comes up only if you disable vault timeout entirely, not if you enable a timeout but allow unlock with PIN.


That's about as unclear as I could imagine. "If you use this option please ensure you take the appropriate precautions."


That's not what it says though. How would you phrase it? I don't think they do a great job but this is pretty hard to explain in two sentences if you're targeting a non-technical person.


"If you use this option then your passwords will not be stored securely. Any program or person that can read your files can also read your passwords."



