I‘d not consider myself technologically unsavvy but I can‘t really understand how a password managing app on my phone can keep my passwords safe?
By that I don‘t mean what kind of encryption technology is used, I just can‘t believe that I really CAN trust a company not giving/selling all my passwords (or losing them to a hack).
That‘s also the reason why I never use apples pw manager for example.
Am I overly cautious? Is it safe to store my passwords in a pw manager app?
Maybe someone that understands the technology/encryption behind such apps can help me
In: Technology
A password manager is another party you need to trust but there is a point where you do just have to trust someone.
If a company that makes the web browser you use wants to steal your passwords, they can. They can just grab them straight from the password field on the webpage, they can read the keystrokes as you type, etc. In your example of Apple’s password manager: If you use Apple’s browser it doesn’t matter if you don’t use Apple’s password manager.
Unless you meticulously check the source code of your browser and compile it yourself ([and you trust your compiler](http://genius.cat-v.org/ken-thompson/texts/trusting-trust/)) you cannot guarantee that whoever built your browser (or whatever piece of software you’re using) isn’t stealing everything you put in. You just have to trust that they are morally upright people, or more realistically, that they have more to lose than gain if they did that.
Latest Answers