Quote:
Originally Posted by Uncle Robin
Bitwarden does ok for me - I doubt there's much about my life that interests Five Eyes enough to bother cracking the 12-25 character passwords it generates for each website I use. Remembering the master passphrase is much easier than trying to decipher the drunken spider's scrawl that would be any handwritten list I might create.
|
Yep. I use Bitwarden (with biometrics that allow me to avoid having to type the master password on my phone) in conjunction with two-factor authentication (Yubikey wherever possible, otherwise authenticator app) on sites where any sensitive personal data is stored. One can even host the Bitwarden server/database on their own in-house hardware if they're extra particular (I'm not).
But all the precautions in the world might not help when someone gets their hands on hardware (either though outright theft or employee negligence)
I control what I can control, and honestly don't worry a lot about the rest (except for being very particular about the number of sites that I will purchase anything from).
I had an account with B&N a long, long time ago, but I've heard nothing from them about this breach. More than likely, that's because I was registered using an email address that's no longer active, and very probably using a credit card I no longer have. *shrug*