Jump to content
Not connected, Your IP: 3.145.81.252
AirVPN
rebellatio

What password manager do you recommend if any?

By rebellatio, ... in Off-Topic

Recommended Posts

OpenSourcerer    1435

OpenSourcerer
Posted ...

I was never fond of password managers as a whole. If you lose the database, you lose it all. That applies to "my HDD gave up on life", "I lost my USB drive" and "someone found out my password and broke into the database".
So I created a sentence containing some info few would know, mixed with the website/service I want to use it on, then take the first letters of each word plus numbers and special characters and chain them to a unique password for every website/service. Keeping track of it was difficult, because... some websites restrict the number of characters (and I still can't understand WHY).

Then I heard about stateless password generators like Master Password. You never have to save or transmit anything anywhere, you only need the application making use of an algorithm. If all input is correct, the algorithm generates the same passwords on all devices. I'm using these almost exclusively now.
One problem with them, and it's not their fault: They do use "exotic" special characters occasionally. In addition to my problem with long sentences above some websites out there are also restricting which characters you can use. So sometimes you really have to switch to a less complicated password type.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

bitcohen    0

bitcohen
Posted ... (edited)

I use Keepass, it's pretty good. You can set passwords to expire which will cross them out in the UI and remind you to update them, and it's encrypted so even better. You can lock it up with a master password, key file and a Windows user lock, which pretty much stops another person aside from the user who created it from opening. I genuinely don't regret it, and I've used other password managers before.

Edited ... by bitcohen
Remove some whitespace under post

Share this post

Link to post

iwih2gk    93

iwih2gk
Posted ...
On 10/13/2019 at 8:23 AM, giganerd said:

I was never fond of password managers as a whole. If you lose the database, you lose it all. That applies to "my HDD gave up on life", "I lost my USB drive" and "someone found out my password and broke into the database".
So I created a sentence containing some info few would know, mixed with the website/service I want to use it on, then take the first letters of each word plus numbers and special characters and chain them to a unique password for every website/service. Keeping track of it was difficult, because... some websites restrict the number of characters (and I still can't understand WHY).

Then I heard about stateless password generators like Master Password. You never have to save or transmit anything anywhere, you only need the application making use of an algorithm. If all input is correct, the algorithm generates the same passwords on all devices. I'm using these almost exclusively now.
One problem with them, and it's not their fault: They do use "exotic" special characters occasionally. In addition to my problem with long sentences above some websites out there are also restricting which characters you can use. So sometimes you really have to switch to a less complicated password type.



giganerd,

If what you said was universally true I wouldn't use a password mgr either.  BUT, most excellent password mgrs allow you to download the file as a csv or json file to use with numerous other services.  I have many multiple backups and could quite easily recreate my accounts by migrating to another password mgr.  I use full U2F for all file access and don't lose one minute of sleep over worrying about data/file loss.  With U2F I don't worry about a hack either.

Share this post

Link to post

OpenSourcerer    1435

OpenSourcerer
Posted ...
19 hours ago, iwih2gk said:

If what you said was universally true I wouldn't use a password mgr either. BUT, most excellent password mgrs allow you to download the file as a csv or json file to use with numerous other services. I have many multiple backups and could quite easily recreate my accounts by migrating to another password mgr.


I.e., your passwords are stored AND transferred, making them not stateless by this definition, which is my point of using mpw: You not only never lose the passwords, you also don't save or send any of them anywhere, not even in encrypted form.
19 hours ago, iwih2gk said:

I use full U2F for all file access and don't lose one minute of sleep over worrying about data/file loss. With U2F I don't worry about a hack either.


Define "full U2F for all file access", sounds exaggerating, no offense. Because I've never heard of a "half U2F", or even "double U2F". :D It's either you use it or you don't. 😮
But 2FA is a valid security point as of today. Although it's a universal concept not barring mpw for example. :)

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

nexsteppe    24

nexsteppe
Posted ...

If you're a heavy Linux/*BSD command line user and already use gnupg, you might like 'pass'.  It's about as simple and lightweight as it gets.

Share this post

Link to post

acyclovir    0

acyclovir
Posted ...

Enpass for 3 years, come from LastPass, Keepass, Master Pasword and 1Pasword, for me, Enpass way better, only think i miss and would like, Local database wifi sync 

Share this post

Link to post

Anarchy-X    1

Anarchy-X
Posted ...
https://keepass.info is the original KeePass and has all sorts of plugins to extend the base functionality. I use multiple DBs and use https://syncthing.net to keep them up-to-date across machines.
Other than that, an open source hardware wallet: https://www.themooltipass.com/
Keep the smart cards in: a minisafe wallet but it's not made as well as I'd hope. It's too easy to break the combination if someone's determined. Best for show and keeping out regular folk & convenience thives.
Open source HW key & certificate: https://www.nitrokey.com/ or Purism's Librem Key
"          "           " 2FA USB: https://solokeys.com

Share this post

Link to post

Daniel15    14

Daniel15
Posted ...

I've been using LastPass for many years, but I'm considering switching to Bitwarden. I like the idea of self-hosting it, and the fact that it's open source means that I can modify it to suit my needs :)

Share this post

Link to post

OpenSourcerer    1435

OpenSourcerer
Posted ...
On 2/9/2021 at 8:25 PM, Daniel15 said:

I like the idea of self-hosting it


I see you're a man of culture. 🧐

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Go To Topic Listing
×
×
  • Create New...