Guys, well, this one has more replies than any thread. I thought I would share the video; it's important and a must-watch. He's a genius!
I do not see the purpose for something like this in times of 2FA/MFA/OTP - You do not need to store this information inside a Password Manager; use a YubiKey instead, or other stuff like an Authenticator for your Smartphone that uses Cloud Backup just in case.
The double blind just defeats the purpose of two-factor authentication, and since people are trying to take an easy way - We then tend to use something like:
- FirstName
- KidsName
- Birthdate
- PIN / CVC

To remember stuff easily.
So the basics in Password Security is to have the following:
- Who you are - Password Manager
- What you know - Password Manager
- What you have - Authenticator
To come to a point if you do not trust your Password Manager to keep your information safe - Then it is like lots of things in life "TRUST"
For me as an example:
I Trusted 1Password and have to say great service - But it came down to - Where is my Data - How expensive is the Service per year and is it really that secure?
I choose to go to Bitwarden because even as a private person I can use the Self-Hosted service - Move it to a Datacenter I trust - Build a Secure Tunnel (Site to Site VPN) - Everything else, like OTP and stuff, is in my Phone and I only Trust Sites that use some way of Two-Factor-Authentication - Everything else gets a generic E-Mail - Password mix with a Trashmail Address from Mailinator
Otherwise it just defeats the purpose of a Password Manager in terms of Super Strong Passwords and ease of use.
Sincerely
Val.