![]() ![]() I just paid for a bitwarden sub, and installed it everywhere. These are genuine questions and not accusations. The most important fixes, though, are two zero-day. Microsoft’s latest security patches for Windows 11 and Windows 10 have been released, and they’re packing a lot. At that point why not just use the master password to unlock bitwarden? Case in point Microsoft released a boatload of security fixes on its latest Patch Tuesday, including two zero-day vulnerabilities that have been exploited in the wild. ![]() If using a PIN code to unlock bitwarden: different threat model! If physical access to the device is gained (think customs agent or police), do they only need to crack the bitwarden PIN to access the encrypted data within? If so, that means using a PIN is no longer a good practice since a PIN that can withstand brute forcing would be near the length of the master password. ![]() I’m unsure if changing the passcode with the old passcode has a different rule set than changing it through the method thieves are using, so I could really use guidance here. Potentially, this makes bitwarden vulnerable to this well known and simple attack. If bitwarden is unlocked with Face ID: Does resetting the iPhone passcode force bitwarden to require the master password? I just tested this by changing my Face ID passcode and bitwarden then unlocked with Face ID. I have two questions I can’t find the answer to. ![]() So installed bitwarden with the intent of locking all my passwords behind a separate password manager. The security vulnerability with iPhone where if a thief can get your iPhone passcode by shoulder surfing or by force they can reset the Face ID passcode, and from there take control of your entire digital life has me concerned. ![]()
0 Comments
Leave a Reply. |