Hacker News new | past | comments | ask | show | jobs | submit login

If you lock your password database with a long, secure password that you know, then you are still doing it "right".

If your password database is not encrypted with a strong passphrase, then you are right, they both become "what you have".

Ah, that's true.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact