1 upvotes, 2 direct replies (showing 2)
View submission: How to keep your Reddit account safe
But what happens when the password manager gets hacked? Or when you loose your password to the password manager.
Comment by HoraryHellfire2 at 07/05/2019 at 05:21 UTC
1 upvotes, 0 direct replies
Online password managers like 1password and Bitwarden encrypt all data in the "vault" very heavily. It's encrypted before any information is sent online and stored on servers. If someone were to hack them, they'd have a bunch of useless encrypted files. They'd need your "Master Password" that unlocks your vault locally in order to have access to your data.
You shouldn't be losing the password to the password manager at all. It should be a secure and unique password you use nowhere else that you can remember. Because of the purpose of password managers, you only ever need to remember one password.
If by "hacked" you mean that someone knows your Master Password and can access your account, they would know every one of your passwords. However, if you take proper security precautions like never giving the master password out to *anyone* and utilizing 2FA (especially more effective ones like Yubikey) then you don't have to worry about being hacked.
Comment by Searchlights at 07/05/2019 at 01:43 UTC
1 upvotes, 0 direct replies
My password manager login requires two factor authentication and my passphrase is long, known only to me and has sufficient digits of entropy to be effectively impossible to brute force.
I also have some "one time use" emergency passwords printed out and stored in a secure location - just in case.
My only significant vulnerability is for LastPass itself to have some kind of collosal security failure. That's a risk I chose to accept.