
Before You Use a Password Manager - smacktoward
https://medium.com/@stuartschechter/before-you-use-a-password-manager-9f5949ccf168
======
smacktoward
_> Given how often you probably use your phone, and how painful it is to type
passwords on a phone, you’ll probably want to sync your passwords to your
phone. If you do, all your passwords will now be stored on your phone. You may
want to review how quickly your phone will lock after you stop using it, and
what mechanisms you will allow to unlock it..._

_> Do you install your password manager on a work laptop that everyone in IT
has access to? If you spend most of your time at the office, you probably end
up doing a lot of personal computing on your work devices even if you’d rather
be doing it somewhere else._

_> Do you install your password manager on devices you only use every once in
a while, and thus may not be getting security updates as often as you’d like?
What about laptops you install lots of random software on? What about a laptop
that your family members can also install software on? Are you willing to hand
copy the valueless passwords you need to use on these devices over from a
device you trust with all your passwords?_

I use and rely on a password manager myself, and frequently recommend them to
people. And yet, the above captures a very real problem with password
managers, namely that they are an incomplete solution to the problem.

As the above quotes illustrate, just choosing and using a password manager is
not enough. You also have to essentially define an entire OPSEC regime for
_how_ you will use the password manager. You have to make a lot of complicated
decisions about important tradeoffs, because without them the protection
offered by the password manager is minimal.

And the thing is, we _know_ most normal people won't do this. It's too
complicated and too technical. People don't _want_ to spend their limited time
on Earth weighing the pros and cons of storing their passwords online vs.
offline, or storing their passwords on their laptop but not their phone, or
storing some passwords in the password manager but not others.

A password manager doesn't work if you think of it as a product; it only works
if you approach it as part of a _lifestyle_ , as one component of a holistic
strategy that's calibrated to defeat the specific threats you expect to face.
Most people are never, ever going to do that, and even if they _wanted_ to,
they don't have the level of expertise required to make those decisions, any
more than I have the expertise to walk into a nuclear power plant and start
giving orders just because I saw "Chernobyl" on HBO.

So in a way, the more we evangelize password managers as a silver bullet, the
more people I worry we are setting up for failure. I still recommend them, of
course, because the alternatives are all worse. But we have to find some way
to design secure systems that mesh with the way people actually _use_ systems,
or security will always be a privilege of the elite.

