Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The alternative to fully cloud-based solutions would be a local, open source kdbx client (Keepass, KepassXC, etc) with the password database situated on a cloud storage (Dropbox/Google Drive/etc). This way, one gets the best of both worlds.


This can be a nice compromise, but it's not without downsides. Personally, 99% of the authenticated software I use is in my browser, and the usability of an extension that has a little badge to tell me I have an account on this site and autofill capabilities is really tough to pass up. Further, because it's an extension, it can know what site I'm on, which all but eliminates my risk of falling prey to phishing attempts.


KeepassXC does have a browser extension.


Why go through all that trouble? The passwords database or storage in 1Password is encrypted. It is only ever decrypted on a local device.


How is cloud storage more secure than a password managers web interface ?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: