DEV Community


Discussion on: Outsourcing security with 1Password, Authy, and

victoria profile image
Victoria Drake Author

Thanks @savagepixie ! And thanks for raising the question. I think @rob is on the right track. Browser password managers used to be a lot less secure than they are now (2013) but even recently, I've seen some claim they're not very well thought-out. I haven't tested them myself, so I can't confirm or deny.

I'll note, though, that not all browsers continue to pay the same level of attention. Firefox has Lockwise, which is sort of a browser-based password manager, but one much more similar to 1Password than any other I've seen. It has standalone apps, and uses your Firefox account to encrypt your synced data using your password with (they say) 256-bit encryption. Mozilla also has a partnership with Have I Been Pwned, so you'll get alerts if it detects previously breached credentials. As a bonus, it's open source.

Sounds perfect; so why am I not using Lockwise? I'm a Mozilla fan in general; open source, even more so. Unfortunately, in the world of password managers, Lockwise is relatively new. Even apps built by excellent people need some time to work out the kinks. I'll probably check back in a couple years and re-evaluate.

TL;DR: depends on the password manager.