iPhone Vulnerability

Tander said:
There's zero chance they got into the phone. Unless they guessed the PIN number within 3 tries or so as after that it starts setting a timer on the lock screen and you have to wait before you can try again. Each wrong try increases the time.

As for password managers. I disagree with @SauRoNZA - I use 1Password and it works Bette than Apple's implementation. I use apps on the Mac that need a password and Apple's system, won't pic that up unless the developer as catered for it (A lot of times they don't). Also I keep other things in there like CC info which makes it hand to access when I need it.
Click to expand...

To be fair I was putting myself in the shoes of Joe Average where the lesser complex way in which iCloud Keychain just works is better for most users.

That being said due to company policy I’ve been locked out of iCloud Keychain on my work Mac and so I’ve been using a self-hosted Bitwarden instance for most of my needs which works equally well but is a little bit more cumbersome for being third party.

But I do agree the real magic of iCloud Keychain is when it’s fully integrated. In my case it’s very rare that it’s not so it all comes down to which apps you use.

On one hand if someone is using an iPhone only from the Apple ecosystem I want to say all the more reason to use just the Keychain. At the same time because their other devices wouldn’t be compatible with it you need a third party tool to sync across devices.

Even so as a Bitwarden user privately and a LastPass user for Enterprise I think iCloud Keychain is the better product for Joe Average. Especially the older generation...

Between an iPhone and iPad only workflow it’s fantastic, but yes I can agree when the Mac comes into the mix you may want a little bit more from it.
 
SauRoNZA said:
That being said due to company policy I’ve been locked out of iCloud Keychain on my work Mac and so I’ve been using a self-hosted Bitwarden instance for most of my needs which works equally well but is a little bit more cumbersome for being third party.
Click to expand...

Is it accessible within home network only? IE: Can only sync if connected to home network?
 
AdrianH said:
Is it accessible within home network only? IE: Can only sync if connected to home network?
Click to expand...

Of course not, that would make it quite useless, or at the very least inconvenient as it would only sync when home.

I run mine behind a Dockerized Nginx reverse proxy with Letsencrypt certificates on a Duckdns domain.
 
SauRoNZA said:
Of course not, that would make it quite useless, or at the very least inconvenient as it would only sync when home.

I run mine behind a Dockerized Nginx reverse proxy with Letsencrypt certificates on a Duckdns domain.
Click to expand...
Is 2FA enabled? Can it be in self hosted?

I've been throwing the idea of self hosting around, just can't see any benefits at this point as opposed to just using the standard cloud vault.

If I were to run in, it will be dockerised on a RPi with a SSL certificate, and then port forward on my router to that service.

Ultimately though, I would like to believe that Bitwarden running on Azure is more protected due to the infrastructure and people maintaining it, than my limited server security knowledge. I can lock it down, but will it be good enough?
 
Yup I have 2FA as well.

Azure isn’t a magical trick for security. You still need to do it yourself. It’s no better or worse than any home setup done correctly.

It will of course be more reliable in the sense of power and connectivity but also cost money.
 
SauRoNZA said:
Yup I have 2FA as well.

Azure isn’t a magical trick for security. You still need to do it yourself. It’s no better or worse than any home setup done correctly.

It will of course be more reliable in the sense of power and connectivity but also cost money.
Click to expand...
Maybe I'll give this a tinker then. Give me something to do. Thanks
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X