If someone gets into your PC they can steal the passwords, because the manager saves them in a file :)
You are viewing a single comment's thread from:
If someone gets into your PC they can steal the passwords, because the manager saves them in a file :)
Not necessarily. A good manager encrypts the file. Lastpass is cloud based, but there are alternatives if you want more control. The important thing is that it checks the domain matches the password and doesn't try to log into a fake site. If you do it manually you may be fooled.
Of course it is not necessarily vulnerable, but encryptions can be cracked, and do you still trust online services? After MtGox? After LinkedIn? After Dropbox?I could give you many more examples. I think it is the easiest solution to just change the setting, it takes about 10 seconds, and doesn't have any negative side effects