maumay t1_j1n0kv2 wrote on December 25, 2022 at 7:16 PM

Reply to comment by sleepybrett in The Lastpass hack was worse than the company first reported by glawgii

Do you trust the correct implementation of TLS encryption when your credentials are sent over the internet? What difference is there with trusting the correct implementation of password encryption?

sleepybrett t1_j1n61mr wrote on December 25, 2022 at 7:59 PM

I can verify the TLS implimentation in my browser. I do not have access to 1passwords client and server apps source code.

maumay t1_j1nc0xy wrote on December 25, 2022 at 8:46 PM

Ok, like I mentioned there are open source password manager like bitwarden whose source code is regularly audited and which can be verified by anyone.

sleepybrett t1_j1ndo7s wrote on December 25, 2022 at 8:59 PM

I currently use bitwarden because I can host my own backend for it.