• Krafty Kactus@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 months ago

    You could use a USB drive that you only ever plug in to open the password manager. It’s not the most secure option but it’s a bit better than no key file at all.

    • mormund@feddit.de
      link
      fedilink
      arrow-up
      3
      ·
      7 months ago

      Can’t use it with a phone though. To be honest, I think just having a password manager gives you protection against 99% of the attack surface. And if someone is really determined, I’m not sure the key file will be hard to obtain for them no matter what. But I was curious what setup others have

      • lud@lemm.ee
        link
        fedilink
        arrow-up
        3
        ·
        7 months ago

        If someone is really determined to attack you specifically they will just get a wrench.

    • voxel@sopuli.xyz
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      7 months ago

      or store the key in a tpm chip protected by password +biometric auth? that’s what kost OSs do for storing passkeys and encryption keys