• @[email protected]
    -2
    11 months ago

    Keeping all on one password (password manager) is a single point of failure, which I don’t like. I mean sacrifice because my brain can only remember a few 512-byte-long passwords (again I don’t use password managers because of single point of failure).

    • @MetaCubed
      3
      11 months ago

      Does your threat model involve The Mossad? There’s no way on earth that you are genuinely remembering multiple 512 byte random passwords, let alone actually taking the time to type them in.

      Having a password manager, with MFA, a strong master password, and rule-based device verification is ultimately more secure, as you can have every password be randomized.

      Best practices are best practices for a reason. I recommend you follow them.

      • @[email protected]
        0
        11 months ago

        Mossad or other agencies aren’t God. If my device is cryptographically secure and doesn’t have backdoors it’s unfeasible to access any data with current technology. I guess you are right if you take into account Intel Management Engine and similar, but since I use Libreboot BIOS that does not apply to my computer (only place that I treat as secure).

        If you use Apple, Microsoft, Google, etc. devices, those are 100% vulnerable even if you use idk RSA 2048 (xd). The problem is who you are trusting.

        That’s a good point. But, yeah again I don’t fall in those categories. I try to ensure that my security is only based and covered behind cryptography theory and nothing else.

        • @MetaCubed
          3
          11 months ago

          The point is that if someone really wants to get into your device, they will. It doesn’t matter if you’re using open source firmware, in a custom implementation of Linux, on a MIPS CPU, and you personally build every package from source and complete a compliance code review before installing it, etc. etc. etc. If government agency x is targeting you specifically, your best line of security is to lock your device in a safe, take a boat into the middle of the ocean, and then dump it at an unrecorded location and never retrieve it.

          A device is only secure as long as you are not using it, and it is not accessible physically, or by network.

          You do you dude, I’m just saying your advice is awful for the average user.

    • @LibreFish
      2
      11 months ago

      Isn’t your computer a single point of failure? A keylogger will get your password database or your manually entered passwords all the same.

      • @[email protected]
        0
        11 months ago

        Who says I have the same password for my root, my user account, and my LUKS encrypted hard drive? Losing one doesn’t mean losing everything like in a password manager.

        • @LibreFish
          3
          11 months ago

          Not that, I meant a keylogger could get the password to your password database in the same way it could get any accounts you log into by typing your password into a browser.