
Why Password Managers Are Not the Solution - aogl
https://ao.gl/why-password-managers-are-not-the-solution/
======
rvz
> But what happens if they guess your Password Managers master password?

The author fails to mention the fact that most password managers have multi-
factor authentication which provides additional checks into logging in to a
users account which the attacker will have a hard time finding a way around.
2FA via a phone number shouldn't be recommended at all but a PIN, U2F key /
TouchID + master password, etc should be enough to stay secure.

So even if someone installed a keylogger on your computer somehow and obtained
your master password, they would need the PIN, U2F or TouchID codes in order
to access the manager or even extract a single password. But that depends on
the password manager you use. Open-source or not.

