Password managers

Altoid · Yesterday 08:52:04

Hello:

From The Register:

-------------------------------------------------------------------------------------
You probably can't trust your password manager if it's compromised
Researchers demo weaknesses affecting some of the most popular options
By Connor Jones
Mon 16 Feb 2026 // 16:20 UTC
-------------------------------------------------------------------------------------
https://www.theregister.com/2026/02/16/ … _managers/

Connr Jones @The Register wrote:

Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.

Really?

I would have thought that a compromised server was indeed a compromised server.
No matter what the PMs vendors said.

Which is why I do not use passord managers.

Best,

A.

Last edited by Altoid (Yesterday 08:53:26)

Andre4freedom · Yesterday 09:06:15

We know Internet-based password managers are not safe. It's still best to keep the passwords in a local and decent password manager either on your secure machine or on a local server in your secured local network. Cloud-based password services are even worse.

Altoid · Yesterday 09:20:02

Hello:

Andre4freedom wrote:

... Internet-based password managers are not safe.

Always been a matter of common sense / common knowledge to me.

Andre4freedom wrote:

... best to keep the passwords in a local and decent ...

Little black book.
In my opinion, any system can be (eventually) hacked.

Best,

A.

ruenoak · Yesterday 21:10:54

I agree keeping passwords locally is best.
I guess password managers are partly a generational thing too, when the world went to the "online by default" model. My entry into the world of computers was "offline by default" so passwords were either written down with stone age tools or in a local text file.

Unfortunately we are forced to be online and logged in to everything or it doesn't work! These days I use my Browser password manager but I keep that local and not synced.

It's not perfect I know.

brocashelm · Yesterday 22:27:41

An encrypted file (locally) or USB flash drive by means of VeraCrypt or something else works fine. I've never had a use case for password managers, and what Altoid's original post describes is a part of that reason why.

laurie_dev1 · Yesterday 22:40:18

Keepassxc would surely be a safer option than these online managers.
I remember back in 1998 when i got my first computer on windows 98, i just used a text file!
I didnt know any better, it was either a text file or written down on a piece of paper/notepad.

Nowadays im using password-store but i have started learning sqlite so am wondering if it would be worth creating an encrypted database of my own, but keepass has already done this so probably a waste of time. Be good for learning i suppose.

greenjeans · Yesterday 23:42:58

Nowadays im using password-store but i have started learning sqlite so am wondering if it would be worth creating an encrypted database of my own, but keepass has already done this so probably a waste of time. Be good for learning i suppose.

I had a similar thought a couple months ago, kind of a sidetrack of the note-taking app I was messing with and I had the idea that it was a good generic gui for a password-storing app, just need to add some encryption and that's not difficult. If you decide to pursue it you might take a look at the Vuu-notes code as there might be something in there you can use: https://sourceforge.net/projects/vuu-do … /VuuNotes/

The officially official Devuan Forum!

#1 Yesterday 08:52:04

Password managers

#2 Yesterday 09:06:15

Re: Password managers

#3 Yesterday 09:20:02

Re: Password managers

#4 Yesterday 21:10:54

Re: Password managers

#5 Yesterday 22:27:41

Re: Password managers

#6 Yesterday 22:40:18

Re: Password managers

#7 Yesterday 23:42:58

Re: Password managers

Board footer