It is possible to have zero-trust in a password manager and still use it. This is achieved through sandboxing the executable (in our case, this would be the password manager) which simply means limiting the actions the exe can do.

For example, when using Keepass on Windows, you can tell windows not to allow keepass.exe to send or receive any data on the network (internet). This can easily be done by adding a rule to the firewall to block inbound and outbound connections from “C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe”

More advanced forms (and easy to use) sandboxing applications are available for different OS’es, you can do a google search for “sandbox” plus your OS name. (eg. “Sandbox MacOS”).

A Software Engineer with interests in data storage and database systems done right.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store