DEV Community

Discussion on: How to properly use passwords

quantumsheep profile image
Nathanael Demacon Author

I couldn't hope for a better comment 😮

You made a counter argument in your first paragraph, if only accessing your file system can lead to a theft of data then it's not safe at all. While browsers don't really protect your passwords because of a lack of master keys, password managers does that very well. But remember that some self-hosted password managers are stored locally, that means that it can be taken and deciphered (depending on your master key).

Auto-generated passwords can be really bad when it's generated from a website or a platform that has internet connection. They can store them in their database, so your password could not be really safe. On the other hand, it's safe to generate it locally.

By the way, every passwords can be taken by phishing (2FA inclued).