Notesīasically anything that is still intended for you to read, but doesn’t seem to fit into the main fields. In addition to service addresses, usernames and passwords, it allows storage of other kinds of information. I log into these accounts so rarely that I can go through the trouble of obtaining the secret from another place. That said, there are a few accounts where I still use “true 2FA”, where a secret is actually stored in a separate place which is not directly connected to where I input the code. The impact that “true 2FA” brings to the table is negligible compared to using a password manager that also handles 2FA. Plus, just the use of password manager on its own makes maintaining of unique passwords across services markedly easier. While I agree, I still consider this a major improvement over just password: it still prevents most attacks based on credential reuse because of TOTP changing over time, adds to complexity of passwords making even rather simple passwords much more robust. Security advice One could argue that this defeats the purpose of two-factor authentication, when passwords are stored alongside TOTP. It handles two-factor authentication based on time-based one-time passwords (TOTP). Icons can also be downloaded for respective URLs automatically, although that bit doesn’t always work, and using DuckDuckGo for this (disabled in settings by default) is slightly more reliable. Entries can be grouped into folders and subfolders of any nesting level, icons allow for quick visual grepping, and of course there’s search. OrganizationĪ particularly handy chunk of features is around presentation of your database of credentials. It has an accompanying browser extension for major browsers that allows automatic use of credentials on websites, rendering in-browser password management… obsolete? And I’ve never felt comfortable about my password vault being handled by servers outside of my control, which is the convenient solution that major browsers keep suggesting. It opens KeePass databases, allows protected access to data therein and provides a few operations for database files such as merging. The main powerhouse of KeePass database management. It can handle passwords, two-factor authentication, SSH keys, file attachments and pretty much any data where you only want to access one individual entry at a time. KeePass is a piece of software for password management, which is not very interesting by itself, but its successors very much are.
0 Comments
Leave a Reply. |