The hard on's y'all get for password managers, and the Firefox circlejerks is baffling. Leads me to believe these "federated" instances have a double entendre everyone glosses over because of their shiny new toys.
I use random passwords for every account and using a password manager is the best way I've found to manage that. Is there another method that you prefer?
I get it, and they definitely make things easier on people. But how many times have we seen instances of people abusing their custodial privileges? My gripe is with the push I've seen to get people using these tools, more than the existence of them in general. Mnemonic techniques to remember your passwords will always be superior from a security perspective. It's the same as crypto, "not your keys, not your coins."
Mnemonic techniques are okay, but won't you have to come up with a different one for every service you use? I mean if there's a pattern, then a breach in any one of them could compromise all your passwords.
I myself use mnemonic password for my master password. And I've started to make my passwords longer randomly generated ones. I use a file based password manager as well. I think that's a good mix of security and convenience.
That's a good point, thanks for explaining. Something I try to remember is that you not only have to trust the company who's managing your data, but you also have to trust them to protect it from bad actors.
I'm trusting Bitwarden for now, but eventually I'd like to move to a self-hosted option like Vaultwarden. I think that's the best way to go if you're confident in administering it.
That's a good point, thanks for explaining. Something I try to remember is that you not only have to trust the company who's managing your data, but you also have to trust them to protect it from bad actors.
I'm trusting Bitwarden for now, but eventually I'd like to move to a self-hosted option like Vaultwarden. I think that's the best way to go if you're confident in administering it.