DEV Community

Discussion on: What password manager should developers use ?

Collapse
 
thalitadev profile image
Thalita G.

A lot of these password managers offer the option to use 2FA though, which makes this progress a lot harder.

I think the idea of storing passwords under one master password is a bit like solving one problem and creating another one. The problem that's created is what you described.

However, it also solves the problem that whenever websites and applications you have an account have been breached, it's got a password that people can only use on that specific account, protecting you everywhere else. I believe that's a much more common situation than what you are saying.

People who don't store passwords and memorise all of them are going to reuse passwords. Unless they're that good at memorising every single password. I know plenty of people who just use a single password because they can't be bothered to memorise a multitude of them. Even I had a ton of different passwords but still had to reuse them because it'd otherwise be simply too hard to remember each one of them. Reusing passwords is a lot more problematic than using a password manager, and for the average person it'd be better to opt for the latter in that case. Even moreso with 2FA turned on.

Of course, you're right to say that a hardware solution is the best way to store passwords, and I'd recommend it above everything else as well. It's definitely even more important if you're in the cryptocurrency realm, but that's not so much the majority of people.