Dani
Posted March 13, 2022

So, I had a conversation with our company's CTO - his opinion is you should remember 2 passwords:

1. Password manager's master password
2. Your main email's password (meaning, do not keep your email's password in the vault)

His reasoning is the extra layer of security - if a hacker somehow gains access to your vault, they won't be able to reset the majority of the accounts (at least the important ones - like bank and stuff) as they don't have the password for your email.

Additionally, he doesn't store 2FAs in the password manager and cringes every time I tell him I do store my 2FAs in the PM. His thoughts on this - again, extra security - use a separate app like Authy that also has a password so even if someone has gained access to your vault, they won't really be able to reset your password (no access to the email) and they don't have the 2FA.

Sounds really paranoid to me (yes, it's secure but it's also inconvenient, not to mention I tried Authy and I realized I can't get the 2FA key back, what a bummer). Currently, I do store my 2FAs & email in Enpass.

Curious to hear what your thoughts are on this?