Most people think their passwords are safe. Most people are wrong. Henry sits down with Ryan Luibrand, Senior Product Marketing Manager at Bitwarden, to cover why open source changes the trust equation, the LastPass data breach, how KDF algorithms work, whether storing your TOTP codes in your password manager is a good idea, and more.🔗 SOURCES & LINKSWritten breakdown: https://techlore.tech/password-manager-security-explained-with-bitwarden/Bitwarden: https://bitwarden.comPrivacy Policy: https://bitwarden.com/privacy/Compliance & Audit Reports: https://bitwarden.com/compliance/Security White Paper: https://bitwarden.com/help/bitwarden-security-white-paper/Security Readiness Kit: https://bitwarden.com/resources/bitwarden-security-readiness-kit/HackerOne Bug Bounty: https://hackerone.com/bitwardenGitHub: https://github.com/bitwarden ⏱️ TIMESTAMPS(00:00) - INTRO (00:52) - RYAN'S BACKGROUND (02:07) - BITWARDEN ORIGINS (03:09) - BITWARDEN TEAM (03:29) - FUNDING (06:18) - OPEN SOURCE (08:18) - AUDITS (10:11) - FORKING (11:19) - INTERNAL VS. COMMUNITY DEVELOPMENT (12:21) - SELF-HOSTING (14:13) - NEW NATIVE APPS (16:38) - ARE PASSWORD MANAGERS SECURE? (21:08) - WHY USE A DEDICATED PW MANAGER? (23:08) - CONCERNS WITH THE CLOUD (25:39) - ARGON2 (29:16) - USERNAME KEY GENERATION (31:06) - LASTPASS DATA BREACH (37:17) - WHAT CAN BITWARDEN SEE? (39:40) - WHERE IS BITWARDEN DATA HOSTED? (40:18) - GOVERNMENT REQUESTS (41:08) - "EGGS IN ONE BASKET" ARGUMENT (43:57) - 2FA & BITWARDEN AUTHENTICATOR (47:39) - PASSKEYS (49:04) - COMMUNITY VS. ENTERPRISE (50:17) - RYAN'S SETUP + ADVICE (53:45) - THIRD PARTY INTEGRATIONS (54:20) - AI (56:16) - PRICING (57:15) - F-DROID APP? (57:54) - LINUX APP? (58:12) - MORE THOUGHTS ON CLOUD SECURITY (59:10) - FINAL THOUGHTS (59:55) - WHAT'S NEXT? 🎥 VIDEOWatch on YouTube 🧡 SUPPORT TECHLOREKeep Techlore Talks independent & growing: ★ Support this podcast ★