HackerTrans
TopNewTrendsCommentsPastAskShowJobs

unodonut

no profile record

Submissions

[untitled]

1 points·by unodonut·5 tháng trước·0 comments

Ask HN: Which password manager do you use / would you recommend?

5 points·by unodonut·5 tháng trước·12 comments

comments

unodonut
·5 tháng trước·discuss
Update, with Apple's 'Passwords' app, it appears all someone needs to do to get access to every single stored password, is grab your iPhone while it's unlocked, or sneak it from you while sleeping and use face id to unlock it.

Or, they could shoulder surf to get a 6 digit pin to unlock the phone, then steal it, then they're in.

Seems way less secure than 'Correct Horse Battery Staple'.
unodonut
·5 tháng trước·discuss
Thanks for the rec. This is looking like the front-runner atm, for ease of adoption (nothing additional to download and setup) and cost-effectiveness (free for those who already on iOS/macOS).

EDIT: youtube reviews are really negative about Apple Passwords, but, those reviews all link to other (paid) password managers, so they cannot fully be trusted, since they're essentially in competition.
unodonut
·5 tháng trước·discuss
According to the wiki, a one-click exfiltration vulnerability has existed for more than half a year and hasn't been fixed:

> In their default configurations, these extensions were shown to be exposed to a DOM-based extension clickjacking technique, allowing attackers to exfiltrate user data with just a single click. LastPass version 4.146.8 (September 12, 2025), which was intended to address the issue, remains vulnerable

https://en.wikipedia.org/wiki/LastPass#Security_incidents