Re: Different password? Not credible.
"what happens if the particular manager you use is abandoned for any reason?"
If it's not cloud-based, then nothing. Your non-cloudy software doesn't suddenly stop working just because it gets abandoned.
"What if the password manager software turns out to have a vulnerability which means it's possible to lift passwords from it?"
In my case, you need to have physical access to my phone in order to lift passwords from it.
"But by far the biggest issue is, what happens if your "key" password is compromised?"
First, how would that happen? Again, talking about non-cloudy password managers, you aren't using your master password anywhere else, and you aren't sending your password over a network. The only way that it could be lifted would be if someone managed to install a keylogger or somesuch on your machine. If that's the case, then all bets are off no matter what.
I agree, though, that using a password manager that involves the cloud or talks in any way over a network is a risk I would never be willing to take.
Biting the hand that feeds IT
