What is perhaps a little disturbing about the silence from LastPass is the lack of information on what they are changing to improve security. we should expect account credential data to be targeted and accessed by unauthorised third parties, given the constant trickle of warnings from HaveIBeenPwned over recent years. You are right LastPass's marketing combined with media references to 'vaults' does make it seem all the information in your 'vault' is securely encrypted by the master password, yet as you note the lack of detail in the disclosure does seem to indicate that only the passwords were encrypted, not the aide-memoire notes, payment cards, bank accounts and 'custom items'. One thing though that I think 1Password does slightly better is the encryption key for the Vault doesn't just rely on the Master Password.īut with the addition of the Yubikey and ability to approve logins from the App that BW have added over time, I've been able to change what was already a pretty strong password to a very strong - You've obviously upset someone for the down vote. That move was a little painful, one of the reasons being that there doesn't appear to be any way to query Authy for the order token/key - which was one of the few reasons I switched! Plus bought myself a YubiKey as a present :) So I switched to the base premium version of BW at that point and moved my TOTP there too. I had been using BW for passwords for a few years - and yes the UI still needs some improvement, but over the time I've been using it there have been good changes. Over the holidays and prompted by the LastPass scandal I did a little bit of due diligence on the different solutions, especially with regards to transparency. The only thing Bitwarden has going for it, over any other password manager, is the price and the semi-open-sourcery. I also find that the autofil works about one time in 100 on my Android devices, even though all the necessary settings and permissions are in place. This has been flagged up several times, as far back as 2019, as an issue and the developers' response has been a Jobsian "You're holding it wrong!" It completely closes and loses state if you switch away from it and, if you do remember to pop it out into a floating window, so that it doesn't disappear, it loses whatever info you've already entered. I think the Bitwarden UI on the browser plugins is awful.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |