Do you use a password manager, Sup Forums?

zx2c4 pass
passwords are generated with pwgen
passwords are encrypted with gpg
passwords are stored in a git repo

pros:
full history of every password ever used
easy to sync using a git repo on a usb stick
gpg lets me keep the private key on a yubikey
encrypt passwords to multiple keys (share passwords with spouse, backup key if primary is lost, etc)
passff firefox plugin works very nicely

cons:
chrome plugin is lacking, requires external python application
requires you actually understand git to set up your git remote

>If yes, why?
More secure passwords

Yes, using Keepass because i'd rather memorize a single 110-char password than a single password for every account and it also works nicely on Android.

No meme cloud botnet bullshit though, only local files.

I just programmed my own this morning, since no one knows it exists, no one can crack it.

It's really basic though, CLI
To add a new password I just type pwgen in terminal, then I specify password length, it generates a random one for me, I can specify the website and the account

shit is saved on an encrypted file I can load up on my browser

that's about it ; can't delete my passwords through the program though, I have to do it manually but I don't see that happening anytime soon

>If yes, why yes?
>If not, why not?
Ftfy

KeePassX. It's easy to use and does exactly what I need it to. Plus, it doesn't store my password file in the "cloud," so I don't have to be paranoid about someone else being a point of weakness.

We use LastPass at work, which is pretty great for a lot of seldom-used accounts that no one person really owns

I use lastpass, because it works.

Git is like the lease complex thing you have there bud

KeePass + my nextcloud

QTPass makes everything easy, except the git remote part. It has nice push/pull buttons after you get it set, but you have to know how.

Dashlane
>inb4 putting private information in the (((cloud)))
>inb4 spending 30-40 shekels a year

Dashlane.
LastPass and Keepass are botnet.
Don't even have to pay for premium if you aren't retarded.

Same

Please explain how keepass, an offline system, is botnet?

Interested cus I use it, so if you can bring any valid points, I'll consider switching

Ty user

It's only Lastpass that's botnet now that I looked it up. Couldn't remember which one it was so I just wrote both.

Can you tell exactly got you have it set up, would interested in setting up the same thing

I just have a text file because I can't be asked to setup

I use it because websites now a days are making you sign up to view their stupid ass contents and instead of making an account with like passwords that I would actually remember, I just randomize the password since those assholes requires it to be like 8 characters and a capital and number crap.

I don't even have to spend 10 sec to think of a username at all and I can just slam my hands on the keyboard to get a random username

the next time I visit those obscure sites I can get it to autofill for me instead of trying to figure out what my username and password is

I use KeePassX to randomly generate 32 bit passwords for my various account, then upload the database to my Google Drive protected by 2FA.

>compiled github.com/keepassxreboot/keepassxc/ and installed it
On my laptop the AUR had it and made it easy, on my desktop I didn't have compilation stuff set up on windows but the guide on that github repo's wiki was good.
>created password database in a folder
~/.keepass/passwords.kbdx on linux
>installed addons.mozilla.org/en-GB/firefox/addon/passifox/ and registered the plugin/my browser with my keepass database
worked the same on both windows/linux
>installed syncthing.net/
another easy one on arch it was in community repo, just downloaded from their website on windows, was on google play store for android
>added the folder from above in syncthing
pic related are the settings I used. the minimum free disk space setting is a bit weird
>added computers to eachother in syncthing, added phone to one of the computers
>shared keepass folder with each of them
>added all my passwords to keepass
I used a script I found and slightly edited to export from firefox to a format keepass can read. I can find it again if I need to.
>installed keepassdroid on android and set it to read from where I told syncthing to save

it looks more complicated than it is. was a breeze to set up although one problem where syncthing didn't play nicely with a symlink

There is advantages about knowing your password and there are advantages of not knowing it.

Using a password manger is not knowing your password.

The best kind of security comes from a combination of the two. You need to know half of your password and let the other half stay unknown to know

this.

only gripe is username not being copied to clipboard, but i love it besides that. besides maybe i'm just blind and must have missed how to do that, and if so hopefully a helpful user sets me straight

i want to be secure too but i'm a dummy
what does
>No meme cloud botnet bullshit though, only local files.
mean?

Your password database is stored locally on your computer. Not on someone else's computer. If you want to sync it with multiple devices there are many ways you can do that yourself. The main idea with this is that having a system like lastpass where everybody's passwords are stored on the same servers makes for a big juicy target for the bad guys, instead having everybody's passwords stored separately makes for many more, much smaller, less-juicy targets.

>Not relying on rote memorization

What, you can't even remember you own phone number?

thanks :))

How do you guys organize/group your passwords in your password manager? I don't have any organization for mine and it's getting annoying to search for stuff.

I use a Truecrypt container (with password and keyfile).
In it I have lots of .txt files with one password each.

KeePass 2.x

It works and it's not cloud based shit. ChromeIPass extension makes life very easy.

But I just use it for backup purposes. I pretty much never look them up.

you can add websites to the ignore filter to fix it asking you over and over on the same sites.

>security through obscurity works guys!

this to be quite fucking honest

Whats the best firefox extension for keepass?

LastPass
Because it's useful.

I use Wordpad.

> he keeps his eggs in one basket

No. I have only a few (under 10) passwords and they are all written in a notebook.

I physically write it down on two pieces of paper. That way if I lose one I still have a back up. One I keep in mind locked file drawer. The other in a very cheeky place, hehe.

Infrequently accessed accounts, abbreviated as "iaa", accounts I log into frequently, "secure" accounts (banking, bitcoin stuff), and then online educational accounts such as edx, Udemy etc.

I also sort by alphabetical and if I have multiple accounts for the same service I do Gmail000, Gmail001, Gmail002 etc

Just some ideas

>getting annoying to search for stuff
How so?

CTRL+F "gmail"

CTRL+F "mybank"

CTRL+F "Sup Forums pass"

How is that hard?

That's only if you you use botnet password managers. If you use something like password store or keepass, then it's like keeping all your keys inside a safe and only taking them out when you need them, instead of leaving them in your pocket for anybody to steal, because your pocket can only hold so many unique keys, while the keys in your safe are much more secure

I've been using this, alongside the open source GUI QtPass. Everything works well on all systems but Windows.

Thanks user