I understand the purpose of password managers and the fact that there seems to be a compromise to accept, but hey, I think that compromise is unacceptable and I wonder if there is a way to avoid it. A password manager introduces a single point of failure, and that single point of failure is also quite fragile: it is the user's machine. And we know that once the machine is compromised, you can no longer trust it, and the damage can potentially affect all the data on that machine, so why should we accept storing all of our credentials at such a fragile point of failure? I bet the NSA does not have password managers that allow access to thousands of passwords from a single computer, right? There must be some alternative methods to manage passwords, or at least to mitigate in some way the single point of failure they introduce.
Many people need to store not only their own passwords, but also the passwords of other people, such as customer passwords (for work) or the passwords of some family members (to provide assistance, etc.). Some accounts are accessed daily, some only need to be accessed from time to time, and there may be accounts in your password manager that you do not even remember having had. So why should we accept putting everything at risk? Only one infection is needed and hundreds of accounts can be compromised. All accounts: not only your accounts, but also those of others. It is a recipe for a great disaster.
You might think that once your machine is compromised, the damage is done anyway, so avoiding the single point of failure is not as important as it may seem, but think about it: for the sake of discussion, consider the differences between storing all your passwords in a password manager on your computer and storing them on paper. Ignore the fact that the sheet of paper presents other threats and concentrate only on the consequences if your computer becomes infected. If your machine gets infected and you use a password manager that contains all your passwords, the attacker can get them all. But if your machine gets infected and you just keep your passwords written on a piece of paper, what can the attacker steal? Only the passwords that you type between the time of infection and the time you discover the infection. Therefore, only some of the passwords will be stolen, not all. So it seems possible to mitigate the problems related to this single point of failure.
I tried to think of some solutions. I'm not sure whether 2FA could really help in case the local machine is compromised, so I'm not sure whether online password managers can help more than local ones in this regard. I'm afraid not. A possible solution could be to use several databases in the password manager, with different master passwords, so that even if one master password is stolen (along with the corresponding database), the passwords contained in the other databases remain secure. The different databases could group the passwords according to frequency of use, date of last use, importance (the PayPal account in a different database from StackExchange) or ownership (the clients' accounts are kept separate from mine). However, it is not clear which is the best way to group passwords, and it soon becomes quite cumbersome, since it means having to remember several secure master passwords. Another solution might involve some type of custom-made obfuscation added on top of the security by design already provided by the password manager, which I guess would work against most infections (non-targeted attacks). For example, obfuscation could be combined with multiple databases by generating the master password for each database with something like
master_password_for_DB = hash(DB_name + supermaster_password), so you do not have to remember many master passwords. Of course, this only works through obscurity, that is, if nobody but me knows the method. Another solution could be to store everything in a separate device configured specifically for managing passwords (like a phone with connectivity turned off), but that is also going to present some pretty big problems: typing a secure master password every time is harder on such a device than on a laptop, and there is no way to copy it and paste it into the computer, so you will probably have to read it off the screen (a security weakness) and type it in (a nuisance).
Honestly, I do not think I have any other ideas at this time.
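The per-database derivation sketched in the question, `master_password_for_DB = hash(DB_name + supermaster_password)`, is worth seeing as working code, because done with a standard password-based KDF it no longer depends on obscurity: the method can be public, and what protects the databases is the supermaster password plus the one-way property of the KDF. The example below is added here and is not the poster's code or any password manager's own feature. It assumes PBKDF2-HMAC-SHA256 as the hash, the database name (with a fixed label) as the salt so that each database gets an unrelated password, and a constructed supermaster value and iteration count that are placeholders, not recommendations.

```python
import base64
import hashlib

# Constructed sample values for this demo; they are not from the original post.
SUPERMASTER = "correct horse battery staple"   # the one secret the user actually remembers
DB_NAMES = ["daily", "finance", "clients"]      # one database per group of accounts


def derive_db_password(supermaster: str, db_name: str, iterations: int = 200_000) -> str:
    """Derive the master password of one database from the supermaster password.

    PBKDF2-HMAC-SHA256 plays the role of hash(DB_name + supermaster_password):
    the database name is the salt, so every database gets an unrelated password,
    and the function is one-way, so a database password captured together with
    its database does not reveal the supermaster or the other databases' passwords.
    The label prefix is an assumed domain-separation string, not a standard value.
    """
    salt = ("pm-db-master:" + db_name).encode("utf-8")
    key = hashlib.pbkdf2_hmac("sha256", supermaster.encode("utf-8"), salt, iterations, dklen=32)
    # 32 derived bytes -> 43 URL-safe characters, typeable as a master password
    return base64.urlsafe_b64encode(key).decode("ascii").rstrip("=")


def derive_all(supermaster: str, db_names) -> dict:
    """Derive the master password of every database from the single supermaster."""
    return {name: derive_db_password(supermaster, name) for name in db_names}


def passwords_are_distinct(passwords: dict) -> bool:
    """True when no two databases ended up with the same derived password."""
    return len(set(passwords.values())) == len(passwords)


if __name__ == "__main__":
    pw = derive_all(SUPERMASTER, DB_NAMES)
    for name, value in pw.items():
        print(f"{name:8s} {value}")
    print("distinct:", passwords_are_distinct(pw))
```

The derivation is deterministic, so the same supermaster and database name always yield the same master password and nothing extra needs to be stored. The limitation matches the threat model in the question: if the supermaster itself is typed on the infected machine, malware can capture it and re-derive every database password, so the derivation only isolates the databases from each other when it is computed somewhere the attacker cannot observe (for instance on the separate offline device the question mentions), and the databases must be unlocked individually rather than all at once.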