Scott Hardie | September 24, 2019
I don't use a password manager, but I've been tempted to get one because I keep seeing articles like this touting their benefits. If any of you use one, I'd appreciate some help figuring out one aspect that I don't understand.

I keep hearing that it's unsafe to use the same password on multiple websites. If hackers steal your data from one website, they can log into other websites as you. That makes sense.

A password manager lets you generate an infinite number of different passwords without having to remember them. But fundamentally, you're still using just one master password for the manager.

So if hackers steal your master password, isn't that just as bad as them stealing your password from a website? How is that more secure?

It's less likely to happen, because the password manager services presumably take their security more seriously than some random website. But if it does happen, you're still screwed, right?

In fact, you're even more screwed, because the password manager remembers the sites for which it's storing passwords. If a hacker steals my Google password, s/he doesn't know that I also have an Amazon account with the same password; s/he would have to go around the web trying different services and hope to find some of my logins. But once a hacker gets into my password manager account, there's a list of literally every website I access and the password to each one. Isn't that worse?

Am I wrong here? There could be something I'm not understanding.

Erik Bates | September 24, 2019
[hidden by request]

Scott Hardie | December 9, 2019
I neglected to get back to you on this, Erik, but those are good points. I don't know if it helps, but one of the advantages of owning my own domain is that every address @ my domain all routes to my real inbox elsewhere. So I can register a different email address with every service that I sign up with, AND there's no obvious login point to check the messages. I'll sign up with LastPass. Thanks for the insight. :-)


Want to participate? Please create an account a new account or log in.


Other Discussions Started by Scott Hardie

Finger Food for Thought

In the news: A university researcher has remotely controlled the body of another researcher, forcing him to flick a finger from across campus. Go »

Loonatics

Ask anyone who knows me: I've never liked the Looney Tunes characters. Bugs Bunny is a mean son of a bitch whose jokes consist of how stupid everybody else around him is. Go »

The Best Movie Year

I could swear that we discussed this already, but I can't find it in TC's archives for the life of me, so maybe not. Go »

Go Bio

Erik Bates reports losing his bio this week (that long free-form paragraph you can write in your personal info), though he says he may have caused the glitch himself while fiddling with the form. Go »

More Polls!

With all the polls I want to put up today, I got to thinking that maybe Jackie was on to something. I could program a simple radio-button poll for a sidebar on the site, and provide a form for authors to create their own polls. Go »

Rewarding Experience

Have you signed up for rewards programs at stores, restaurants, or other businesses? What do you think of them? Go »