3 popular password managers are less secure than promised

ergophobe · March 13, 2026, 11:17:05 PM

https://www.futurity.org/password-managers-security-3323452/

Rupert · March 24, 2026, 06:24:27 AM

Not a good look. What are you using now? I am still with a fairly major player.

ergophobe · March 25, 2026, 01:47:06 AM

Honestly, I hesitate to say on a public forum now that it's so easy for people to have agents that can connect so many dots.

Brad · March 25, 2026, 06:28:14 AM

Hehe. Mine is still a pocket sized spiral notebook I got as swag from old GoTo decades ago. Works great, nobody has hacked it yet.

Rupert · March 26, 2026, 08:51:18 AM

Quote from: ergophobe on March 25, 2026, 01:47:06 AMHonestly, I hesitate to say on a public forum now that it's so easy for people to have agents that can connect so many dots.

Now I feel an idiot

ergophobe · March 26, 2026, 10:20:09 PM

Not too late to edit your post

Rupert · March 27, 2026, 06:31:54 AM

Its out there...

Part of the reason to ask, is the worry of how to defend yourself. And there are so many people who are still on the 1 password structure for everything, that I don't think I am particularly low-hanging fruit.

But still better late than never. Thanks for the suggestion.

ergophobe · March 30, 2026, 12:34:30 AM

I don't think you can fully defend yourself.

You can run a password manager that is purely local.

QuotePaterson recommends choosing a password manager that is transparent about potential security vulnerabilities, undergoes external audits, and, at the very least, has end-to-end encryption enable by default.

But which one is that? How can I possibly know how transparent a password manager is being?

In general, though, I would say the old advice is still sound
- strong passwords
- second factor anywhere that matters
- do not repeat passwords across accounts.