Security of Pin unlock with the browser add-on


#1

I would like to know how safe it is to log in to your account with the browser plug-in via a pin instead of the master password. How do you identify the browser/ hardware and how do you ensure that hackers can’t forge it? In any case, what length should the pin at least have?
Additionally, is the same method applied for remembering a device with respect to 2FA?

Thank you for your help!


#2

Hello!

PIN is not as secure as long and secure master password.
However, PIN can be useful in case you are highly sure that:
a) Computer is not infected and will not be infected;
b) No one from your co-workers/friends knows that PIN.

Overall the PIN is sufficient enough. To steal your vault’s content via malware must be specific targeted attack. I personally haven’t heard any info-stealing trojans that target password manager’s files (to steal their content).
However, this does not mean that they do not exist.

Overall it comes down to your personal preference - do you want to have more security or ease of use.

2FA is another story and I’m afraid I can not comment on that.