Not realy. The problem they solve is that people have accounts many on many websites, and the these sites need unique passwords to avoid people getting access to all your accounts when any of those sites get hacked.
I just don’t like how they have been sold and marketed as THE fix for passwords. Well that and using the same password manager across devices always seemed like a vulnerability.
To be fair it does not matter as much as people think as the chain is only as strong as the weakest link and most backend/physical infrastructure has been rotting from underdevelopment for years.
that is a very hot take. besides just personal use (bitwarden open source), 1password allows my work team to have our passwords, 2fa codes, backup codes, credit cards, addresses, all in one secure place, where we can add/remove people and grant access as needed. Our solution before was having one person in charge of the 2fa codes (which sucked, cuz sometimes they werent around/available), and plain text documents in our project management tool (which sucked, cuz people would accidentially delete parts of the doc, anyone could view the whole thing and leave it open, etc.). and thats not to mention that we werent doing the basics, like generating strong unique passwords for each service.
there will always be a worst case scenario no matter what solution we choose. 1password going down is less likely then a rogue employee (we’ve had a few), or a breach/issue with a much less secure platform that doesn’t specialize in sensitive data collection.
I think it is better to plan for the breach/issue/villain then to assume it will not happen. I don’t think 1password will stop a rogue employee or a protected info breach (I think everyone has had their info got by this point). I get people like these programs but I hope the same people have a backup plan.
Hot take here: Password managers are a solution looking for a problem.
Not realy. The problem they solve is that people have accounts many on many websites, and the these sites need unique passwords to avoid people getting access to all your accounts when any of those sites get hacked.
Are password managers the only solution? no.
I just don’t like how they have been sold and marketed as THE fix for passwords. Well that and using the same password manager across devices always seemed like a vulnerability.
To be fair it does not matter as much as people think as the chain is only as strong as the weakest link and most backend/physical infrastructure has been rotting from underdevelopment for years.
that is a very hot take. besides just personal use (bitwarden open source), 1password allows my work team to have our passwords, 2fa codes, backup codes, credit cards, addresses, all in one secure place, where we can add/remove people and grant access as needed. Our solution before was having one person in charge of the 2fa codes (which sucked, cuz sometimes they werent around/available), and plain text documents in our project management tool (which sucked, cuz people would accidentially delete parts of the doc, anyone could view the whole thing and leave it open, etc.). and thats not to mention that we werent doing the basics, like generating strong unique passwords for each service.
And having all those eggs in one basket is a risk. What is the plan for when 1password has any issues?
there will always be a worst case scenario no matter what solution we choose. 1password going down is less likely then a rogue employee (we’ve had a few), or a breach/issue with a much less secure platform that doesn’t specialize in sensitive data collection.
I think it is better to plan for the breach/issue/villain then to assume it will not happen. I don’t think 1password will stop a rogue employee or a protected info breach (I think everyone has had their info got by this point). I get people like these programs but I hope the same people have a backup plan.