![]() I like all the self-hosted options I keep reading about - glad people are taking security more seriously. I don't know of any security issues first-hand, and I've been using their service for 7 years (personally, and 5 years with teams). I know that LastPass has made my life significantly easier since adding it to a number of companies I consult for. set up dead man switches on key accounts (for the hit by the bus scenario we all talk about). share passwords with people who need access (and often not even expose the actual password just access to it so you don't have to change everything in the event of turnover). isn't the team at a disadvantage? Another cliche warning: I need to care about forests, not trees.Īt least with LastPass (or whatever other system you can think of that's similar) you can setup "pretty good" team-based policies. but if someone in legal still has access to the "Passowrd123" for the AWS account. ![]() ![]() you can have all the security you want on your servers. isn't security at the organization level really crappy? Here's a real world example. and only a few people actually having good passwords. With every person storing passwords their own way. Most teams (you'll agree?) have horrible aggregate password management. aren't you letting perfect be the enemy of good? =P This doesn't mean KeePassXC will never support it, it only means that at the moment we don't have immediate plans and an implementation needs further discussion." The security of both KeePassHTTP and KeePassRPC is doubtable and in their current state we would prefer not to have them as part of the main KeePassXC product. "I removed the milestone for now since we are not sure if we actually want our users to expose their passwords over a network protocol with questionable security record. This says the opposite: (quoting from the github issue): ![]() > From the text it looks like one of the selling points is integration with apps like browsers so you don't have to copy/paste passwords, as with KeePassX.Ĭan you provide source please? thank you. NET keepass2 client on desktop and with the nice keepass2android. I love browser integration but am not willing to go to lastpass, therefore have to stay with the ugly, but well functioning. I am considering that I should store the keepass database somewhere else as a backup but not sure exactly where (at least the file server at my work) and also that I should tell the passphrase to somebody (perhaps an old university friend I don't see often he does not live nearby or work with me) in case of my untimely demise I'm using the KeePass/dropbox combo with a long passphrase these days though as I've decided that its more secure than the notebook and I can put more explicit information in there (and files), though it is somewhat nerdy so I still recommend the paper notebook for people like my mother. In fact I've recently moved away from the notebook for myself because I felt that if somebody breaks into my residence and takes that notebook (not all thieves are ignorant of how valuable a password book is, especially when this contains banking passwords) then all is lost. I used a natty paper notebook for years and in fact I borrowed this method from my mother who seems to feel guilty that she writes this stuff down but I try and reassure her that its ok. ![]()
0 Comments
Leave a Reply. |