Ok, but if there isn't a high-entropy sequence of "something you know" somewhere... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		samatman on Oct 20, 2024 \| parent \| context \| favorite \| on: Apple Passwords’ generated strong password format Ok, but if there isn't a high-entropy sequence of "something you know" somewhere in the system, you've created some pretty bad failure modes. 1Password requires a master password periodically, but can otherwise be unlocked by AppleID (presumably also true for secure-element biometrics on other platforms). I maintain that a good secrets management system has a number of passwords which should be memorizable (and memorized) which is greater than zero. Possibly by only one element.

gregjor on Oct 21, 2024 [–]

Every password manager I know of, including Apple's, requires a strong password to unlock the vault. FaceID or YubiKey allow me to bypass typing that so often, but anyone trying to get into my accounts or password manager would have to know the strong password and get past the physical/biometric 2FA.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact