Use the “passwords” feature to check if one of yours is compromised. If it shows up, never ever reuse those credentials. They’ll be baked into thousands of botnets etc. and be forevermore part of automated break-in attempts until one randomly succeeds.

  • sugar_in_your_tea@sh.itjust.worksEnglish
    1·
    4 hours ago

    There are two major threats to a password manager:

    1. Breach - if the server doesn’t store the key and data is encrypted, they’ll have to break the crypto
    2. Client - if the client can be compromised, they can intercept password entry

    The second is much harder to mitigate, but also much harder for an attacker to pull off since they need to compromise the update delivery chain.

    Whatever client you use, make sure you trust the update mechanism.