Thread 106397132

108 posts 30 images /g/
Anonymous No.106397132 >>106397155 >>106397168 >>106397181 >>106397194 >>106397207 >>106397522 >>106397525 >>106397545 >>106398081 >>106398099 >>106398574 >>106398592 >>106398771 >>106399094 >>106400166 >>106400179 >>106400194 >>106400199 >>106400216 >>106400659 >>106400845 >>106400969 >>106401248 >>106402059 >>106402158 >>106402253 >>106402747 >>106403711 >>106403764 >>106404140 >>106406171 >>106406389 >>106406650
best password manager?
Anonymous No.106397155 >>106398742 >>106399045
>>106397132 (OP)
Just use a .txt file on your desktop, retard.
Anonymous No.106397168 >>106399045
>>106397132 (OP)
Just use a post-it note on your monitor, retard.
Anonymous No.106397181 >>106397582 >>106399045
>>106397132 (OP)
write em on a small piece of paper until you remember them retard
Anonymous No.106397185 >>106399045
Just use your mind palace, retard.
Anonymous No.106397194 >>106397524 >>106398584 >>106399045 >>106402520
>>106397132 (OP)
BitWarden for 10$/year is pretty good. Their Android and Chrome apps work well. We use 1Password at work and the UX is worse if you ask me, same with LastPass. BitWarden is also open source.
Anonymous No.106397207 >>106402520
>>106397132 (OP)
KeePassXC. XC is sexy.
Anonymous No.106397522
>>106397132 (OP)
masterpassword.jar
Anonymous No.106397524 >>106398592
>>106397194
>paying for a password manager
Anonymous No.106397525 >>106397645 >>106397668 >>106398081 >>106402758 >>106404319
>>106397132 (OP)
what happens if you forget the password for your password manager
Anonymous No.106397545
>>106397132 (OP)
the rust tranny self hosted bitwarden is the /g/ choice op
Anonymous No.106397582
>>106397181
>remember dozens of random 32 character strings
Okay, Rain Man.
Anonymous No.106397645
>>106397525
If you forget your password you lose access, i.e. you're screwed. Although realistically it's unlikely that you forget your entire password so you might be able to bruteforce it with password cracking tools if you remember enough about your password. For example, bruteforcing a 20 character password isn't realistic. But if you remember like 16 out of 20 characters or so, you could probably bruteforce it.
Anonymous No.106397668
>>106397525
Use your recovery phrase. You did write down your recovery phrase, right?
Anonymous No.106398081
>>106397132 (OP)
I have use password manager from Google Chrome but I use better way now
>>106397525
you will not lose it in my better way
I now have only one password for everything! every account is the same password so I only must remember one and it is easy and very safe. it is very long so it is very safe
Anonymous No.106398089 >>106406676
keepassxc with whatever sync solution you want
Anonymous No.106398099
>>106397132 (OP)
pen and paper
Anonymous No.106398126 >>106399048
All the important logins have unique passwords that I write down in a notebook, random logins just use whatever password I'm using at the time or something generated.
Anonymous No.106398574
>>106397132 (OP)
Anonymous No.106398584
>>106397194
Why do you donate money to them?
It's free
Anonymous No.106398592
>>106397132 (OP)
pen and paper, and not being an idiot.

>>106397524
>b..b..but if you don't pay then you are the product
Anonymous No.106398742
>>106397155
That's how they caught that one crypto couple btw
Anonymous No.106398754 >>106398818
Just get this.
Anonymous No.106398771 >>106398786
>>106397132 (OP)
Pen/cil & paper. There is never going to be a more secure method of keeping your passwords organized and free from malicious code. If they are already in your house, you are cooked.
Anonymous No.106398786 >>106398818 >>106398853 >>106398944
>>106398771
What about when you need to log in to something and aren't home?
Anonymous No.106398808
I've used KeePass (KeePass2 originally, then switched to KeePassXC) and synced the database with Syncthing for almost 9 years and I've never had a problem
I still recommend pen/paper for anyone not willing to setup that or any other self-hosted solutions like vaultwarden or whatever though because I will never trust those online password managers
Anonymous No.106398818
>>106398786
see >>106398754
Anonymous No.106398853 >>106398892
>>106398786
How often does this happen for you?
Anonymous No.106398875
write them all over yourself with a permanent marker. people will just think you are a schizo writing inane shit on yourself.
Anonymous No.106398879
https://www.passwordstore.org/
I keep it simple all I need is pass
Anonymous No.106398892 >>106398992
>>106398853
Very rarely, but it has happened.
Anonymous No.106398906 >>106398925 >>106398935 >>106399076 >>106406629
paper and a vault

You get a keylogger on your computer and the password manager can't help you.
Anonymous No.106398925 >>106398933
>>106398906
that's not how keyloggers work
autotype obfuscation and autofill exists
if you said clipboard hijacking or click jacking like the recent vulnerabilities have shown for browser extensions sure
Anonymous No.106398933
>>106398925
what about having a physical keyboard that has a firmware level keylogger on it?
I mean any malware on the computer in general.
Anonymous No.106398935
>>106398906
You still have to type in the passwords to log in. The protection is MFA (and not picking up keyloggers in the first place)
Anonymous No.106398944
>>106398786
small piece of paper and hide it in ur wallet
Anonymous No.106398992 >>106399003 >>106399177
>>106398892
I asked because you have three options, to prevent exposure but still retain access; it requires some forethought though.
If you know you are going to need them, then right them down on a piece of toilet paper or a small piece of paper and carry a lighter to dispose of them in a hurry.
If you don't want to secret squirrel, then create a small email to yourself with curated passwords(you are capable of remembering one password for your email, I hope) and then dispose of the email when you are done.
Keep a locked zip file with passwords as an attachment in your email. You don't even need to extract the contents to view the needed passwords.
Anonymous No.106399003
>>106398992
>right
>incorrect
write*
Anonymous No.106399045
>>106397155
>>106397168
>>106397181
>>106397185

Don't do this.
Many people do, but don't.
This used to be ok for me but eventually you get old and forget them.

But I actually encrypted them with a mental algorithm on paper, so it got confusing.

>>106397194
>paying for a pw manager
wow, it's like you want corporations to know your shit.
Anonymous No.106399048 >>106402934
>>106398126
Important ones I wouldn't recommend this.
I found a book of passwords at a McDonalds once. He was lucky I just threw it straight into the bin.
Anonymous No.106399076 >>106399112 >>106404338
>>106398906
Doesn't help. Safes are easily cracked.
You need to encrypt them with a mental algorithm or a permanent equivalent of a one time pad. Basically cold war tactics still work.
Computer stores are crackable, but generally do fine. It's things for top secret information that need this.

So passwords to encrypted drives.
Anonymous No.106399094 >>106402520
>>106397132 (OP)
KeePassXC if you need it as an individual and not organization.
Anonymous No.106399112 >>106399162
>>106399076
The safe is just a decoy. I have the real passwords hidden in a secret compartment in my house.

You just proved you wouldn't find them. kek.
Anonymous No.106399128
Probably not the best for your password, but with regards to encryption autism, for me, it's the OTP.
https://en.wikipedia.org/wiki/One-time_pad
It's just cool how such an old method is still effective.

This is now an encryption autism thread.
Anonymous No.106399162
>>106399112
If it isn't encrypted then it's still not safe.
Even people before good computers knew this. Just look at Enigma. Arguably part of the reason why computers even exist is to encrypt your ass (Turing helped the Poles that cracked Enigma). The internet just complicated that purpose with malware.

Honestly, an isolated and simple encrypting machine is your best bet. Even that has issues, as obviously Enigma was cracked. But that's still much better than a safe.
Your brain isn't that safe. There are interrogation methods to drug you and get it out. This is why Guantanamo exists.
Anonymous No.106399177 >>106399272
>>106398992
Didn't know that this was a YLYL thread. Anyway, lost.
Anonymous No.106399190
Moved all my passwords, which I used to store on Microsoft Edge, to Bitwarden recently

It's alright and, most importantly, free
Anonymous No.106399253 >>106400388
KeePassXC, use a randomly generated word-based password as your password for the database (which you can create within KeePassXC), it should be 6-10 words long with a random number at the end of each word, each word separated by a hyphen.

Make sure your database is encrypted, and store the database inside a veracrypt encrypted file container, using a different password for the container, make that password using the same method as mentioned before.

Regularly (at least once a week) back up your password database file to a usb stick or some other file-storing device. The first time you do this, move the veracrypt file container into the USB, and then unlock it and you can start backing it up into there. I don't recommend deleting old backups, they only take up a few kilobytes and can save your ass if you accidentally delete a password. Store the USB in some sort of sealed, airtight container, preferably something small, my old pill bottles work fine. This is very good in case of a flood, leak, or something else. It also just helps protecting the USB from the elements. I recommend using multiple USBs for backups and storing them at different locations. I also recommend storing them somewhere you won't usually rummage through, or somewhere where someone might go rummaging through. You don't want someone to find your USB, even though it's encrypted, because you don't want to lose your backups. I just have my USB hiding behind a book on my bookshelf, and sometimes in my flag collection that isn't on the wall.

MAKE SURE EVERYTHING IS FUCKING ENCRYPTED, if that wasn't obvious already.

You could also use syncthing if you want to sync the database file between multiple devices.
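
The passphrase format described in the post above (6-10 random words, a number after each word, hyphen-separated), as an added example that is not part of the original post and is not KeePassXC's own generator. It assumes "random number" means a single digit 0-9, and the 32-word `WORDLIST` is constructed for illustration; the entropy helper shows what a real 7776-word list (the size of the EFF long list) would give.

```python
import math
import secrets

# Constructed 32-word list for illustration only. A real word list is far
# larger (the EFF long list has 7776 words), which is what makes it strong.
WORDLIST = [
    "anchor", "basket", "cactus", "dagger", "ember", "falcon", "garlic",
    "harbor", "icicle", "jungle", "kettle", "lantern", "magnet", "nectar",
    "orchid", "pepper", "quartz", "ribbon", "saddle", "timber", "umpire",
    "velvet", "walnut", "xylem", "yonder", "zipper", "amber", "bishop",
    "candle", "donkey", "eagle", "fennel",
]


def generate_passphrase(words=6, wordlist=WORDLIST):
    """Return e.g. 'magnet4-orchid9-...'.

    Every word and digit is drawn with the OS CSPRNG via `secrets`;
    the `random` module is not suitable for generating secrets.
    """
    if not 6 <= words <= 10:
        raise ValueError("the post recommends 6-10 words")
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words reduce the real entropy")
    parts = [
        secrets.choice(wordlist) + str(secrets.randbelow(10))  # word + digit
        for _ in range(words)
    ]
    return "-".join(parts)


def entropy_bits(words, wordlist_size):
    """Bits of entropy, assuming the attacker knows the scheme and the list.

    Hyphens and the fixed layout add nothing: only the random choices count.
    """
    return words * (math.log2(wordlist_size) + math.log2(10))


def words_needed(target_bits, wordlist_size):
    """Smallest word count whose passphrase reaches target_bits."""
    per_word = math.log2(wordlist_size) + math.log2(10)
    return math.ceil(target_bits / per_word)


if __name__ == "__main__":
    print(generate_passphrase(6))
    print(f"6 words, 32-word list:   {entropy_bits(6, 32):.1f} bits")
    print(f"6 words, 7776-word list: {entropy_bits(6, 7776):.1f} bits")
    print(f"words for 128 bits (7776-word list): {words_needed(128, 7776)}")
```
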
Anonymous No.106399272 >>106399398
>>106399177
This is a "what's the most impractical and insecure method of encryption" thread.
None of these answers are good kek.
Then again, 4chan used to be certain about specific methods with pw managers, then those managers got cracked a few years ago, so they're utterly useless now.

When you're dealing with technocrat cartels, you need to go batshit insane with your encryption methods now. That means off the grid generally now. This is just what happens when the NSA have so many backdoors into your shit.

Personally, build your own device. Don't rely on third party.
If you cannot afford that, you are not truly protected.

The amount of corporations and agencies that don't even do this stuns me to this day.
Anonymous No.106399314 >>106399398
Software encryption simply doesn't cut it for me anymore. You need a robust hardware form of encryption that nobody else knows.

Intel, Nvidia and AMD are probably the most leveraged with their ability to manufacture very sophisticated methods, but they have government and corporate eyes within their place all over the joint.
So ironically small fry with hardware sophistication might have the biggest opportunity here. hmmm.
>IC startups

Alternatively, go old school and use mosfet circuits. kek
Weird times.
Anonymous No.106399398 >>106399429
>>106399272
>>106399314
>muh NSA
What's with people attributing godlike powers to government spooks? Encryption works, you can't backdoor math.
Anonymous No.106399429
>>106399398
Anonymous No.106400026
6th for KeepassXC+Syncthing. Just works. Bonus points for self hosting stdisco and your own relay but the public ones work fine and the e2ee is probably ok.
Anonymous No.106400166
>>106397132 (OP)
I just use standard notes.
Password managers are too r3ddit for me.
Anonymous No.106400179
>>106397132 (OP)
just write password in paper
be very careful not to publicly expose paper containing the username and passwords

also be careful you don't lose paper containing username and passwords
Anonymous No.106400194
>>106397132 (OP)
i just do password recovery every time
Anonymous No.106400199
>>106397132 (OP)
I just use passkeys
Anonymous No.106400216
>>106397132 (OP)
Spreadsheet of usernames and incomplete password hints. Vastly more reliable than relying on memory alone for 60+ accounts, but also uncrackable because the complete password is never actually recorded anywhere (unlike a cypher or other obfuscation).
Anonymous No.106400388
>>106399253
I don't see the point of having it in a veracrypt container. If they can crack the veracrypt password, then they can crack the keepass password. It just adds more for you to remember.
>wait was this the seventh word of the veracrypt container or the keepass database?
Or worse, you have to unlock both a veracrypt container and a keepass database every time you want to enter a password. It's bad enough doing it with the keepass.

usb seems unnecessary too. Just use syncthing instead, it will keep everything up to date across devices. Well of course this somewhat depends on how many devices you have, if you only have a phone then yeah a usb is necessary. If you do use a usb just keep your most important passwords and stuff there, you don't need to back that up weekly.
Anonymous No.106400584
Redpill me on / explain to me FIDO2
I can use PKI to login to websites as long as the website supports it? So no passwords, just an authenticator app?

https://fidoalliance.org/passkeys-directory/
Anonymous No.106400659
>>106397132 (OP)
I'm still just using Password Gorilla. Tiny, portable, and doesn't need internet access.
Anonymous No.106400845 >>106400929
>>106397132 (OP)
use lastpass like a normal human being
Anonymous No.106400849
I auto save mine via the firefox pw manager
I have a very complicated pw for my firefox account
Is there a reason why I should switch to a dedicated pw manager?
Anonymous No.106400929
>>106400845
>use this closed-source proprietary vendor-locked cloud-hosted service, like a normal human being
you wish, mr. bright
Anonymous No.106400969
>>106397132 (OP)
Let me guess, you need more?
Anonymous No.106401233
If you want to use Bitwarden, make sure to self-host. Their public service is atrocious. Otherwise, 1password is great, but not open-source. KeePass is great, but you have to set up sync and avoid conflicts.
Anonymous No.106401248 >>106402520
>>106397132 (OP)
keepass
Anonymous No.106401651 >>106401739
it's genuinely baffling that anyone would use anything besides a self hosted vaultwarden instance lmao
Anonymous No.106401659
use bitwarden. you can host it yourself if you want. there's a good client for it with a native material ui called keyguard. use keepassxc if you'd rather simply have a file or don't wanna deal with webapps and electron.
Anonymous No.106401662
You may think you're special but your real threat level is chang and Rajeesh and... of course corpo either stealing your data in a repair shop (You retards use it) Or you downloading some shit/getting caught by some exploit/leak.
If you're not mentally retarded (Since you post here) You can easily host your own vault warden instance and use bitwarden be it compiling from source or downloading the app and be done with it.
You should also either use a hardware key or OTP on that vault as well to deny Rajeesh/Chang their climax if you get hit.
Anonymous No.106401739 >>106401790
>>106401651
name me 1 (one) good (!) reason to host and use a bit/vaultwarden instance, over just using keepass that you sync between your devices with syncthing. what do you need the whole server for, unless you provide the service to an organization?
Anonymous No.106401790 >>106402047
>>106401739
running a podman container is easier than doing all of that and has more widespread support than your cobbled together piece of shit setup
Anonymous No.106401822
Do you retards unironically use different passwords for different accounts? Get a life.
Anonymous No.106402047 >>106402388 >>106402662
>>106401790
>this whole client-server stack inside a container, that runs remotely inside a vm, is somehow (!) simpler (!!) than just having a serverless air gapped client-only workflow
your setup is a definition of "cobbled together piece of shit setup" with all that machinery
>has more widespread support
what kind of support? can you be a bit more concrete?
Anonymous No.106402059
>>106397132 (OP)
self hosted passbolt
Anonymous No.106402158
>>106397132 (OP)
Self-hosted bitwarden, Keepassxc, pen and paper, your brain, random bible verses.
Anonymous No.106402193 >>106402492
>before
>username and password fields are both visible
>press pwm extension autofill shortcut key
>press enter
>i'm in
>now
>only username field is visible
>autofill
>enter
>now enter password
>autofill
>enter
>now enter 2fa
>autofill shortcut doesn't work
>have to ctrl+v
>enter
>finally login

Why the fuck do they do this?
Anonymous No.106402253
>>106397132 (OP)
uhm literally just use the apple one like a normal human??
Anonymous No.106402388 >>106402712
>>106402047
>air gapped
>syncthing

you do not know what that means
Anonymous No.106402471 >>106402520
Bitwarden
It just werks
Anonymous No.106402492
>>106402193
it's easier
Anonymous No.106402520 >>106405149
>>106397194
>>106397207
>>106399094
>>106401248
>>106402471
elite password manager users have "password123" as their secure master pw btw

i know because that's my master pw. no one cbf to pick a complex pw to type
Anonymous No.106402662 >>106402712
>>106402047
you are amazingly stupid, i almost envy how little you know
Anonymous No.106402712
>>106402388
>dude, semantics!
okay, sure. syncthing transmits data over a local network. how does it change anything, other than quibbling? if you want real air gap, nobody stops you from syncing the database physically with a usb.
>>106402662
>heh, you're so stupid! i won't even tell you why!
see? you went full ad-hominem, attacking me and not the argument.
Anonymous No.106402747
>>106397132 (OP)
KeePass, synced via dropbox
Anonymous No.106402758
>>106397525
KeePass has a recovery page you're supposed to save. I sync it to my Dropbox and only my wife and lawyer can access it
Anonymous No.106402762 >>106402967
redpill me on pass. just pass. it's made by a gentoo guy iirc
Anonymous No.106402834
I use bitwarden but I add the word FAGGOT to every randomly generated password, so if someone has access to my BW all the passwords will be useless if they don't type FAGGOT at the end
Anonymous No.106402934
>>106399048
That thing isn't leaving my house, none of those accounts would require me to login to them while I'm out. I can just go home.
Anonymous No.106402967 >>106406205
>>106402762
The redpill is that it's an abandonware that leaks your metadata and uses gpg for encryption. Don't bother. If you want something local, then just use KeePass.
Anonymous No.106403652
Anonymous No.106403711
>>106397132 (OP)
KeePassXC
Anonymous No.106403764
>>106397132 (OP)
With the recent password manager hacks, writing your passwords in a physical notebook is unironically more safe than using a password manager.
Anonymous No.106404097
god i fucking wish my workplace had one. it's annoying as fuck to deal with 20 passwords.
Anonymous No.106404140
>>106397132 (OP)
the one you make yourself
Anonymous No.106404319
>>106397525
you don't. if you use a password manager you want to store all your passwords in it. meaning that you need to type in your master password every time you need to access any other password. it would be the only password you need to remember, which is the whole point of a password manager. and typing the same password over and over again will make you remember it no matter what.
my master password is over 60 characters long and it's absolutely no problem to remember for me.
Anonymous No.106404338
>>106399076
getting access to your PC is theoretically possible for anyone on the entire planet, assuming your PC is connected to the internet at all.
your safe is a physical location that you'd first need access to.
even if you put your safe out on your driveway, the only people able to access it are the ones that can physically get to your place.
Anonymous No.106405149
>>106402520
I mean, it doesn't matter what your master password is so long as you are keeping your password manager file secure. I think most people using a password manager can get away with that since they probably aren't posting their file on catbox or something
Anonymous No.106406171
>>106397132 (OP)
>picrel
>literally everything is a glowing pos
Behold, the real password manager
Anonymous No.106406205
>>106402967
>noooo the software must be updooted or it's le BAD
Also 90% is done by GPG which gets updated, the last 10% are mapping of files and calling GPG.
Anonymous No.106406253 >>106406321
You can use PowerShell, bash, python or anything really to run sha256 over a password file with a known key.
Anonymous No.106406321
>>106406253
> sha256
not for cryptography
Anonymous No.106406389 >>106406560
>>106397132 (OP)
Been using keepass for years and since recently trying out self hosted vaultwarden.
Never a cloud based password manager, let alone a subscription based one, that's pants on head retarded.
Anonymous No.106406560
>>106406389
well how is it compared to keepass?
Anonymous No.106406573
How's the new password manager from Proton?
Anonymous No.106406629
>>106398906
This is the lockpickinglawyer and today I will show you how to unlock anon’s safe with a magnet and a small wire.
Anonymous No.106406650
>>106397132 (OP)
self hosted vaultwarden or KeePass
If you're not a complete schizo and understand how zero knowledge works then Bitwarden
Anonymous No.106406676
>>106398089
copy paste is my sync solution
it's not like you are making new passwords every day
it's a rare occurrence