2FA only works if the factors are separate.
If your password manager holds both your passwords AND your 2FA seeds/backup codes, your "second factor" is not really separate anymore.
What I changed (and a checklist):
https://marcelbootsman.nl/two-factor-authentication-only-works-if-the-factors-are-separate/
Unlike some password managers that overwhelm users with features, Proton Pass keeps things straightforward, making it easy to manage your passwords without a steep learning curve.
Read more 👉 https://lttr.ai/AnH5M
Ok time for a rant
The annoying screwup of passkeys
https://blog.ppb1701.com/the-passkey-otp-nightmare-how-security-became-user-hostile
I’ve published a new article looking at how hardware security keys work with Proton Pass, including YubiKey support.
It covers:
• what security keys actually protect against
• how they fit into Proton Pass
• when they’re worth using (and when they’re not)
If you’re thinking about stronger account security without adding unnecessary friction, this may help.
🔗 https://paulobrien.com/proton-pass-yubikey-security-keys/
#EmailSecurity #AccountSecurity #PrivacyTools #PasswordManagers #Proton #YubiKey #DigitalSecurity #Infosec
7 Tips & Hacks for Ultimate Password Manager Security
8 Of The Best #PasswordManagers That Users Swear By
https://www.bgr.com/2042928/best-password-managers-according-users/
Your aperiodic reminder that Passkeys don't yet have any sort of universal import / export format (specified by FIDO or elsewhere).
** This means that OS level Passkey support is effectively vendor lock-in to that platform **
If you must or need to use Passkeys then you really do need to use a third-party password manager that supports Passkeys, cross-platform.
If you wish to move from Windows to Linux (or might be forced too move) then you need to take your Passkeys (and passwords) with you relatively easily.
If you currently use Windows and Android (for example) then cross platform is important. Third party password managers will enable this cross-platform flexibility.
Also remember that Passkeys are only as secure and the recovery mechanism., in the event you loose access to that service. This means you probably still need to have strong passwords and TOTP 2SA configured for accounts, especially important ones.
Question regarding #Passwordmanagers: do you use a password manager like #Keepass and #Nextcloud or #Syncthing to access your db from desktop/laptop and mobile? If so how do you do it? What app on #Android works well to access the database? How bad are sync conflicts? I've been using Firefox's internal password manager and #Firefox Sync but would like a dedicated password manager like Keepass instead. I already have a Keepass db but I only use it for select few places, especially things I don't typically access via web browser (playstation account, router ...). I have never used it from mobile yet, but would like to try.
What's the most 'private & secure' free password manager in your opinion on Android? And what would be your top suggestions?
#AskFedi #PasswordManager #PasswordManagers
Ooooo, that's terrible of Games Workshop.
They've got a competition in their newsletter. It involves using your MyWarhammer account to log into a third-party website.
Except that the third-party website has a "Log in with MyWarhammer" button that takes you to warhammer.europe.auth0.com.
And yeah, sure, it's from the official newsletter and they probably are just using custom branded Auth0. But password managers don't match that to login.mywarhammer.com, which is REALLY BAD because it's training people to put their credentials in to potentially fake phishing pages!
@otter @e8d79 i know of psono and aliasvault as bitwarden/keepassxc replacements. anyone know if they are reliable? #passwordmanager #passwordmanagers
Most Secure Password Management Explained | Go Incognito 3.4
@keepassxc is now relying on #AI -generated code.
https://github.com/keepassxreboot/keepassxc/pull/12588
Switch to OG #Keepass or an alternative.
https://keepass.info/download.html
#security #cybersecurity #cybersec #InformationsmSecurity #InfoSec #PasswordManager #PasswordManagers
Why do we live in a world where #PasswordManagers have celebrity investors and are setting themselves up for "waves of disruption"? I want to you to competently store my passwords and let me use them on two devices. Why do you need $950,000,000 of investment to do that?
https://www.cnbc.com/2025/11/06/ryan-reynolds-backed-1password-tops-400-million-in-arr.html
#1Password #RyanReynolds #ScarlettJohansson #MatthewMcConaughy
I just published "Apple Passwords and UpLock might replace 1Password (or not)" over at @medium . The people at Mac O'Clock posted it on their publication aswell. Cewl... https://medium.com/macoclock/apple-passwords-and-uplock-might-replace-1password-or-not-f34de19225f5?source=social.tw
#passwordmanagers #apple #macOS
The ULTIMATE Guide to KeePass
Bitwarden’s free tier is generous enough for most users, offering unlimited password storage and syncing across devices.
Read more 👉 https://lttr.ai/Aj3ag
Vaultwarden Password Manager | adminForge.de
https://adminforge.de/services/vaultwarden-password-manager/
#passwords #PasswordManagers #security #ITsec #Bitwarden #Vaultwarden #adminForge
Top 3 password managers | Tuta
1. KeePassXC
2. Bitwarden (free version)
3. Pass
https://tuta.com/de/blog/best-password-manager
#passwords #PasswordManagers #security #ITsec #Tuta #KeePassXC #Bitwarden #Vaultwarden #Pass
