Search
Items tagged with: Bitwarden
Tried to force myself to switch to #Proton Pass (mainly for the included unlimited e-mail masking service for only just +$2/year), however, after a few weeks, I fully went back to #Bitwarden. The UI felt sluggish on desktop and on mobile (especially on mobile) and while it looked better than Bitwarden, I just couldn't help but notice how so much of the features were missing.
For starters, you can't even use a YubiKey without setting up TOTP first. That's a dealbreaker for me.
For starters, you can't even use a YubiKey without setting up TOTP first. That's a dealbreaker for me.
Don't store #TOTP in #Bitwarden for your online accounts
https://prezu.ca/post/dont-use-totp-in-bitwarden/
https://prezu.ca/post/dont-use-totp-in-bitwarden/
Don't store TOTP in Bitwarden for your online accounts!
Since I’ve started working in Information Security space, I’ve been talking to a lot of people about the topics related to protecting ones identity online.Patryk Cisek (https://prezu.ca)
#Bitwarden has a vulnerability regression such that the master password and previously decrypted contents of an open vault can be inspected after locking the vault.
https://github.com/bitwarden/clients/issues/3166
https://github.com/bitwarden/clients/issues/3166
Vulnerability: Sensitive information is not purged from process memory on app lock or logout · Issue #3166 · bitwarden/clients
Steps To Reproduce Ensure that the vault contains secret items (e.g., logins, secure notes, etc.), and that "Close to Tray icon" is enabled; to minimize known risks, also ensure that vaul...GitHub