this post was submitted on 20 Jun 2023
7 points (100.0% liked)

Technology

25 readers
1 users here now

Computers, phones, AI, whatever

founded 1 year ago
MODERATORS
 

Lately I've been increasingly worried about corrupted payloads of even open source password managers. Password managers are among the world's biggest honeypots. Maybe you trust the coders of the password manager. Maybe it's Open Source. But do you trust all of its upstream dependencies? And all their CI build processes? And each of their developers' security?

That's part of why I won't use an Electron-based password manager like BitWarden: there's no Electron app with a minimal dependency graph. Even Electron itself could easily fall victim if someone important in the development pipeline is compromised... And besides, Electron sucks anyway.

So, one way I can mitigate against the possibility of a malicious payload being delivered on password manager update is to not put all my eggs in one basket. For example, where I can, I authenticate with a Yubikey (if only by TOTP on Yubico Authenticator). Then my password isn't enough. But where do I store the recovery codes? Ugh: in the password manager.

I've been thinking on this for a while, and I haven't really found a perfect solution that provides me a way to store secrets without also being too reliant on one party's software. If I rely heavily on the password manager, that puts too much trust in it. If I rely more on a hardware token, that's too risky in case of loss of theft.

What's a security-aware nerd to do?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

Do you use a safe deposit box?

[–] [email protected] 1 points 1 year ago (1 children)

Sadly no, just have the fireproof safes you can find at most big box stores.

[–] [email protected] 1 points 1 year ago

That's the weak spot. It seems unlikely, but if there were a natural disaster or house fire, you'd lose access to your vault and your data.

In my case, that would be irreplaceable family photos, which is why I'm thinking about this more. I have an off-site backup for my data, but I'd need to be able to decrypt it.