Each password is a PGP-encrypted file, encrypted to security keys. The files are backed up in different places, including my laptop and my phone. The password manager app runs offline, so it has no reason to suddenly fail, but even if it did, my passwords are just encrypted with PGP, so I will never be "locked out".
I find it very unlikely that it would get compromised: again it's encrypted to security keys. If my device is compromised, the attacker can extract the passwords that I decrypt while the attacker has control, but not the whole database.
To lose my passwords, I would need to simultaneously lose all the copies (on my devices, and on the cloud). To lose access to my passwords, I would need to simultaneously lose all security keys.
Doesn't feel like a single point of failure. Or do I misunderstand what you mean by that?
alt Hacker News
How do you mean that?
Each password is a PGP-encrypted file, encrypted to security keys. The files are backed up in different places, including my laptop and my phone. The password manager app runs offline, so it has no reason to suddenly fail, but even if it did, my passwords are just encrypted with PGP, so I will never be "locked out".
I find it very unlikely that it would get compromised: again it's encrypted to security keys. If my device is compromised, the attacker can extract the passwords that I decrypt while the attacker has control, but not the whole database.
To lose my passwords, I would need to simultaneously lose all the copies (on my devices, and on the cloud). To lose access to my passwords, I would need to simultaneously lose all security keys.
Doesn't feel like a single point of failure. Or do I misunderstand what you mean by that?