![]() Seriously, I absolutely don't see how this could become a standard. And I find it highly unlikely someone will bother to interoperate beyond implementing an importer tool, because it's likely that no one wants to spend resources on alternative implementations just to be in dependent always-catching-up position. Why would they? I don't think anyone was invited to this party. ![]() > there's no reason why other managers couldn't interoperate Chrome had dropped Apple Keychain support for a reason). I think there is none, except for the OS-provided APIs (but those have complications of their own, e.g. > I'm not sure there is _an_ existing standard right now 8,192 bit encryption doesn't help you if you don't manage the key well. Just say "strong encryption practices" and provide a link to the details. but it doesn't change my disappointment in the totally useless "256-bit encryption" statement. Using the app, the first thing I noticed is that I have a LOT of duplicate entries but no obvious way to clean that up.ĮDIT: I see most of these details are on. It needs to be clear what the attack vectors are.ģ) HOW is the secret managed (say, "Secret is wiped on all application switches") At the very minimum I want to know:ġ) HOW is the key derived (say, "derived used PBKDF2 on the Firefox username + password")Ģ) WHERE is it encrypted (I assume "encrypted on the device/end-to-end/zero-knowledge"). ![]() ![]() I'd really expect the competent people at Mozilla to know that this statement means next to nothing. HOWEVER, it saddens me to read on the front page: "using 256-bit encryption". I installed it and will compare it to Lastpass (which is pretty good IMO). ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |