Use the “passwords” feature to check if one of yours is compromised. If it shows up, never ever reuse those credentials. They’ll be baked into thousands of botnets etc. and be forevermore part of automated break-in attempts until one randomly succeeds.

  • Miaou@jlai.luEnglish
    11·
    9 hours ago

    If there’s one thing I’ve always been wary of, it’s the password manager browser extensions. And I’ve been proven right. Don’t be lazy, it takes 30 extra seconds to do it manually.

    Pishing detection is nice though, I’ll admit.

    • sugar_in_your_tea@sh.itjust.worksEnglish
      1·
      4 hours ago

      There are two major threats to a password manager:

      1. Breach - if the server doesn’t store the key and data is encrypted, they’ll have to break the crypto
      2. Client - if the client can be compromised, they can intercept password entry

      The second is much harder to mitigate, but also much harder for an attacker to pull off since they need to compromise the update delivery chain.

      Whatever client you use, make sure you trust the update mechanism.