undefined | Better HN

0 pointsSomeone12346d ago0 comments

Right; but in the scenario of this Tweek, you've invited someone untrustworthy into the vault and are then freaking out because they can see the post-it note of passwords. It is inherently irrational.

This issue is inherently unfixable by ANY password manager, because the process model of the underlying OS isn't itself secure. No obfuscation will work, because the password manager itself needs to de-obfuscation it before use (and that memory too is dump-able).

All adding in-memory obfuscation does it make ignorant people feel better, while not moving the security needle even an inch.

0 comments

stouset6d ago

I think we’re largely in agreement. I do think there’s some benefit in reducing the amount of time that a password is in cleartext in memory. But it’s pretty far down the list.

ignoramous6d ago

> This issue is inherently unfixable by ANY password manager, because the process model of the underlying OS isn't itself secure

Usually the confidential bits are hardware isolated away from the supervisor (host kernel/OS) in Enclaves, Realms, TEEs, or Secure Elements, Security chips, etc.

jazzyjackson6d ago

One more reason to use hardware-bound passkeys and not passwords.

j / k navigate · click thread line to collapse