urn:uuid:955ed151-8a26-5025-b75b-b761ec470949 Topic: Authentication and Passwords – Ctrl blog Daniel Aleksandersen https://www.daniel.priv.no/ Copyright © 2021 Daniel Aleksandersen. https://www.ctrl.blog/assets/favicon/favicon.svg 2021-02-23T19:42:00Z weekly 10 urn:uuid:9a53d927-a9c7-49f4-a79a-6b6e6f14a798 2021-02-23T19:42:00Z 2021-02-23T19:42:00Z Be wary of file sync conflicts with KeePass apps on Android An investigation and comparison into how KeePass-compatible password manager apps for Android handle external changes to an unlocked password vault database. <p>KeePass is a tried and tested open-source encrypted password manager available for Windows. You can also use one of the many forks for Android, iOS, Linux, macOS, and other operating systems. KeePass has created the defacto standard for encrypted password vault/database files (<code>.kdbx</code>). Syncing the vault files between your computers and Android can cause problems with some KeePass apps, however.</p> <p><a href="https://www.ctrl.blog/entry/keepass-file-conflicts-android.html#src=feed">Read more …</a></p> urn:uuid:d4ba67d5-78b1-45a3-ad80-958a43835501 2020-02-17T19:25:00Z 2020-02-17T19:25:00Z How to back up your password manager Plan for the day your password manager stops working. Backing up your password manager is harder that it sounds. <p>Password managers aren’t infallible. They suffer service outages like every other service. Yet, password managers ask their customers to trust them completely. They’re a single point of failure and are difficult to back up.</p> <p><a href="https://www.ctrl.blog/entry/password-manager-backup.html#src=feed">Read more …</a></p> urn:uuid:eca10cee-3e37-4876-956e-4942ae01b38c 2019-07-07T01:08:00Z 2019-08-04T21:15:00Z Feitian MultiPass recall highlights need to use multiple security keys The recall of the Feitian MultiPass FIDO security key demonstrates why you always should use multiple security key products from different vendors. <p>You may remember that I picked up a couple of different security keys last year and wrote about Firefox, Security Keys, U2F, and Google Advanced Protection. One of the keys that I got, the Feitian MultiPass FIDO Security Key, was recalled in May 2019 over a security issue.</p> <p><a href="https://www.ctrl.blog/entry/feitian-multipass-recall.html#src=feed">Read more …</a></p> urn:uuid:30f3197b-9854-419c-a8a1-562b7353e7d5 2018-07-27T00:27:00Z 2019-01-19T17:22:00Z Update after 3 months with Bitwarden Bitwarden has fixed the security issues outlined in my Bitwarden review. I also discuss some missing features from LastPass and issues with the Android app. <p>Three months ago, I wanted to move away from LastPass  —  who’ve lately have been dropping support for Firefox and other platforms  —  to an open-source password manager.</p> <p><a href="https://www.ctrl.blog/entry/bitwarden-3m-update.html#src=feed">Read more …</a></p> urn:uuid:5f2bec03-79f2-4dfc-868d-37536b35170d 2018-07-09T14:49:00Z 2020-04-14T00:12:00Z Firefox, Security Keys, U2F, and Google Advanced Protection How to use U2F security keys with Firefox and Google’s Advanced Account Protection. <p>Advanced Protection for Google Accounts uses a legacy web technology that’s only partially supported in Firefox. Here is how you get started with physical security keys and extra protections for your Google Account in Firefox.</p> <p><a href="https://www.ctrl.blog/entry/firefox-u2f-google.html#src=feed">Read more …</a></p>