| ▲ | gruez 6 hours ago | |
> If i leave a post-it note of my logins on my monitor, that's definitely less safe than in a unlocked drawer, and so on. Having passwords on post-it notes does make certain types of attacks much easier. For instance, coworkers hacking other coworkers, or people burglarizing the office. None of which really apply to the "If an attacker gains administrative access on a terminal server" scenario. Continuing the analogy, what Edge is doing is like leaving cash in unlocked cabinets inside a vault, and what Chrome's doing is locking those cabinets with a padlock. Sure, having the padlocks makes the cash more secure, but if someone went through all the effort into breaking the vault (terminal server), a padlock probably isn't going to stop them. This is especially true nowadays with AI coding agents and ready-made stealers available for sale online. | ||
| ▲ | forgotaccount3 5 hours ago | parent [-] | |
> Having passwords on post-it notes does make certain types of attacks much easier. It also makes other attacks much harder. Namely I don't need to worry about some zero-day in my password manager. | ||