Hi - thanks for the very prompt and detailed response.
In the related thread (the source of this discussion) I had indicated I already had a 16-character randomly generated password.
I’ll accept your view that this may be overkill, but I’ve not yet convinced myself about the idea of reducing it to a more manageable length while still retaining adequate security. I’ve read the numbers and done the arithmetic, but it hasn’t quite sunk in with me at a conceptual level yet.
Another weakness I have is that I also find it difficult to comprehend fully the passphrase idea. All these words are dictionary words and every hacker will have that list. I still feel that performing a run-through of known words, four times in succession, to assemble potential passphrases seems such an easy task .
How is the original topic - biometric login - of the previous thread limited? I’ve realised that I don’t actually know. The generally accepted view is that everyone’s fingerprints are unique. However, once your finger (only one, not a combination of 10) has been read and stored somewhere, how is that identity recorded? Is it encoded as a number or string, and subsequent readings of your finger simply need to match enough portions of the string for access to be permitted?
(If this discussion is extending too far away from Bitwarden and its support, then please don’t waste time or effort. Your replies have been excellent so far, and I don’t want to turn this in to a general purpose discussion with no product focus.)
Thanks again.