this post was submitted on 02 Mar 2024
304 points (96.6% liked)

Privacy

32142 readers
1073 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

2023 was a record-breaking year for cybersecurity in a bad way. Ransomware payments hit a record high of $1.1 billion, which is likely to...

you are viewing a single comment's thread
view the rest of the comments
[–] idefix 6 points 8 months ago (6 children)

Can someone explain what those password managers are doing better than Firefox?

[–] [email protected] 19 points 8 months ago (2 children)

I guess a bunch of things, as they are specialized apps:

  • proper auth. I think with Firefox you can have a password, but a password manager will have multiple options for 2fa including security keys, and on phone fingerprint unlock etc. In general, password managers are more resistant to malicious users gaining access to your device.
  • store all kinds of stuff. Not everything happens in the browser, and it's just convenient to have an app just for credentials. Many password managers allow to store and autofill credit cards too, for example.
  • on the fly generation of aliases. Password managers have external integrations. For example proton and bitwarden can integrate with simplelogin.io to generate email aliases when you choose to generate a new username.
  • org-like features. Password managers can be also convenient for sharing with family (for example). I do manage a bitwardes organization used by all my immediate family, which means I can share credentials easily with any of them. Besides the sharing I can also ensure my (not tech savvy mom) won't lock herself out (emergency breakglass access configurable) and technically enforce policies on password strength etc.
  • as banal as it is, self-managing. I like to run my own services and running my own password manager with my own backups gives me peace of mind.
  • another perhaps obvious point. More compatibility? I can use my password manager on whatever device, whatever browser. For some, it might not change anything, but it's a convenient feature.

As a personal addition, I would say that I simply want the cornerstone of my online security to be a product for a company that is specialized in doing that. I have no idea how much effort goes into the password manager from Mozilla, for example.

[–] idefix 1 points 8 months ago

I'm answering your comment but I'm grateful for those who have answered. You basically have more extensive needs that I have, which makes sense.

On my side:

  • I'm not planning on leaving Firefox any time soon but the migration seems straightforward
  • The security is sufficient for me: master password on the desktop, fingerprint on my phone
  • To be noted: Firefox is my default password manager for all my android apps. Its scope extends beyond web browsing
[–] [email protected] 10 points 8 months ago

I need to enter passwords in lots of places that aren't a browser.

If Firefox's password keeper meets your needs, then I would endorse using that, for sure.

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago)

(I use KeepassXC)

I use the notes section alot. I can store all kinds of related info. For example on sites that still use a username to login, I can put the email I used to sign up in the notes section.

I'll also do security questions answers here. Using a pasphrase generator for those is good. No one is going to check if your first dog's name really was "consoling-roving-activator-earflap" and no one can find it on your over sharing grandma's Facebook.

I'll also attach any license keys/relevant files for software, now those stay encrypted and backed up with the database instead of in a random folder of text files.

[–] [email protected] 3 points 8 months ago

In addition to what the others have said, with those other password managers you dont have to do much if you decide to change browsers some day.

[–] [email protected] 3 points 8 months ago

I thought I read somewhere that the build in browser password saves are not very secure.

This was maybe 5 years ago so i am guessing they have improved it?