What does Sup Forums use to store and manage passwords?
>scribble it all down on papers that I have hidden somewhere >have to remember all of them for when I cannot access my notes >don't trust lastpass etc. >digital offline seems too easy to lose even with backups
Is Spideroak Encryptr any good? It's GPL'd and seems pretty simple
Firefox with master password and backup exported to password protected Excel workbook.
Cooper Price
Pen, pencil and paper, and I lock them in a safe.
Landon Johnson
>What does Sup Forums use to store and manage passwords? My brain. I have 26 passwords for all of my different accounts, hard drives, and users. The passwords are very similar except that I change the first and last 5 characters depending on what the password goes to.
Luke Morgan
this too.
Ethan Ward
I use 4 to 6 character "chunks" that I mix and match.
Ryan Nguyen
Keepass is the way to go for password managers. Integrates well into the browser but doesn't store your passwords in a cloud. You can also use it on mobile for free and it has plugin support.
Mason Rivera
What happens if you forget your combination?
Josiah Diaz
What happens when you die or have amnesia?
Elijah Russell
I have the combination written down on the bottom of it.
Adam King
So what's stopping the FBI or any private party exempt from 4th Amendment restrictions from looking at the bottom of your safe and sending your dick pics to your girlfriend's father?
Cooper Harris
pen and paper what fucking else would you use?
Henry King
Pen, paper, which i roll and shove into my urethra
Luis Russell
i use my brain because i'm not a fucking simpleton pleb.
Zachary Lopez
I use pass (passwordstore.org/), the standard unix password manager. It has a command line interface by default but there a community run gui in qt. It uses gpg for it's encryption and uses git to sync between devices.
Chase Reyes
how safe is using a master password for firefox?
Luke Reyes
Your brain and passwords are shit
Michael Sanders
I'm using LastPass now, seems good to me.
Blake Roberts
Same, except 16-characters. I was diagnosed with the 'tism last year, too, haha.
Nicholas Jones
Might as well call the NSA when you forgot a password
John Martin
Please give me bunga bunga yes
Levi Morales
I have 5 different ones or so.
Same for PC unlock and G-mail General use password for non important services One for Facebook One for Dropbox because of the hack One for financial like PayPal and amazon
Juan Ward
Just started using 1Password myself. Great interface, secure even after that Cloudflare fuckup, and separate 24+ character passwords for each account I have. Shit's nice.
Owen Williams
I AM BEING SICK OF WAIT FOR BUNGA BUNGA NOWW
Evan Edwards
how hard is it to even break?
Wyatt Foster
That's not even the point. How has the idea to store and manage all your passwords on someone else's computer ever become popular? Especially companies big enough so that you can be 100% they have backdoors
Lucas Brown
TSM
Oliver Anderson
KeePassX on Manjaro KeePass 2 on Windows KeepPass2Android on Android
Christian Jones
Good luck making it impossible to change passwords when one of them gets compromised, and also getting all of your accounts compromised when any one of the passwords get compromised.
>password crackers know all of your little memory tricks >your personal memory trick is not special, and you're not a special snowflake >a few consumer GPUs can burn through TRILLIONS of guesses per second
Leo Flores
cool entropy, bro
i'm in the process of switching to lastpass with 2fa for most of my shit. not really worried like some people. it's been audited and its implementation is solid.
James Murphy
I'm using 2fa as well, using duo and google authenticator.
Caleb Walker
Is it safe to put my database file in a dropbox of the file is encrypted anyways?
How many character password should my master password be?
Robert Brown
>The passwords are very similar except that I change the first and last 5 characters depending on what the password goes to. yeah, well, this does literally nothing, might as well use the same one
Robert Martinez
KeePassX / KeePassDroid Only have to remember the passphrase and either PC login or phone unlock combination.
Xavier Adams
Anyone using selfhosted pass manager such as vault or passbolt? I'm interested in hosting these 2 locally, anyone have deployed this 2 on their network yet?
Wyatt Peterson
how safe is a password protected excel sheet?
Jose Wilson
>>digital offline seems too easy to lose even with backups You can additionally upload the password database to cloud storage providers. If your master password is strong enough, you don't have to worry.
In the worst case, you usually have a "forgot my password" mechanism which lets you reset it.
Eli Young
Very secure. Which you'd find out if you'd just bother to search.
Ryan Hughes
Do you even know what Master Password for Firefox is?
William Hernandez
what risk will be greater?
-police doing that -random korean hacker tries to get to your back account.
the latter is probably happening right now
just us something non-digital to safe passwords. like at the first page of a book in your room
Josiah Sanchez
>>scribble it all down on papers that I have hidden somewhere >>digital offline seems too easy to lose even with backups I don't get this meme.
>house burns down while you're away >lose all your passwords A proper backup is just as good as scribbling it down somewhere. An online backup (i.e. it's stored in a different place) is even better.
Grayson Diaz
Has anyone used Spideroak Encryptr or has any experience with it? developemnt doesn't seem active any more on it
Aiden Hall
I use lastpass and I let it generate 48 character length passwords for my all other shit.
Adam Robinson
I've been doing this also, but I'm getting a bit anxious lately over the possibility of a person getting one of my passwords and then have instant access to every website... Talk courage into me user? Please?
your password is generated based on your master password, name and website
Landon Richardson
Might as well use a password manager app on the smartphone (and your personal PCs) and generated passwords. You'll have to remember less and it's just as, if not more, secure.
Chase Walker
This Keepass is the best locally saved password manager.
Company I work for we built a password cracker and that thing can chew through almost anything but keepass files. as long as you change the password to the DB every now and then its basically perfect.
For cloud based last pass is hard to beat. Yeah they have been popped but they salt the passwords to unbelievable levels. By the time anyone got around to actually breaking into an encrypted dump the passwords would already be changed and worthless.
Nathaniel Miller
>IOS only
no
Dylan Williams
What are some good plugins for Keepass2?
Nathan Turner
I don't
Aaron Moore
Hope that's bait. Both are easily broken in seconds
Owen Harris
I was going to say the same but figured its either bait or someone who literally has no idea what they are talking about.
Hudson Nelson
>Both are easily broken in seconds I have no idea about Excel.
But Firefox will encrypt the passwords with your master password using 256-bit AES. It is very secure. Unless you're using Firefox Sync to sync passwords.
Christian Nguyen
>encrypting my 3tb external hdd with 1 pass wipe >estimated time 40 hours
John Lewis
paper and pencil is insecure against keyloggers.
Isaiah Price
Desktop tech here. My company doesnt have functioning SSO and different systems have a different rotation schedule, so pretty much everyone just has a notepad full of passwords somewhere at their desk.
totp Better yet, if the .xlsx just has a protection password (not encrypted) you can actually rename the extension to .zip, open the XML inside and ctrl+f for 'password'
Jayden Harris
I use lastpass, it works great and it's secure.
Jaxson Edwards
>2011 >not using a password manager
Grayson Jones
>Integrates well into the browser but doesn't store your passwords in a cloud. Why is that an issue if it's just an encrypted container that is synced with the "cloud". It's not like they'll get your password.
Elijah Davis
I use lastpass
Lucas Edwards
Because it's another attack vector. If you have anything of vital importance then don't store it on a network.
Dylan Rivera
Thank for the password, sucker. I'm hacking your PC as we speak ;^)
Cooper Ross
Brain Pro 2017.
Nicholas Flores
I run a light linux vm with encrypted disk on my homeserver. On this vm I keep a keepass database out of which I can copy+paste my keys anywhere with a vnc+openvpn combo. While vnc is not encrypted, I use it only via openvpn tunnel. Has worked well for years. I never move the keepass database off the vm, I just copy the whole vm (which is encrypted) for backup purposes.
Benjamin Lee
security through obscurity is the best security.
Come up with a system completely weird and alien that nobody would know how to figure it out even if they had it right in front of them.
I bet nobody can figure out my google account password
Ayden Nguyen
a notepad file that i keep in a folder of food pictures called "recipes to try" along with a physical list stuffed into the middle of a cookbook
Easton Walker
This. Been using it for at least 2 years now, works great.
Jaxson Miller
plaintext on an unencrypted fs :)
Adrian Taylor
>security through obscurity is the best security. I thought its supposed to be the worst actually. Isnt that why all the best encryption algorithms are open.
Luis Bailey
keepass and keepassx work great for me. I dont use it for everything though just stuff that I need to be secure.
Juan Parker
GPG encrypted text file
Lucas Lopez
Exactly. This is why I uploaded all my passwords in plaintext on my github.
Jordan Lee
So I'm currently using an excel sheet for all my passwords.
If I switch to KeePass, how do I save the local pw-db file so I can use it on my iphone or on another computer I own? Google Drive? Dropbox?
Jaxon Rivera
Anyone know the difference between LastPass free vs. premium?
Colton Phillips
I have Password Safe where I save my passwords and also generate them when I need passwords for services I won't frequently need to manually login to.
For important shit I'll use a certain words with some not-too obvious character switches, something easily memorable like dogpiss, except I type it !d8gp3ss which should be strong enough yet easily memorised.
I also save my passwords to Opera without a master password so they're probably in plaintext somewhere on my computer but idgaf. I'm not too worried about some hackers gaining access to my files and searching for a password file of a deprecated browser.
James Jenkins
This, if there is only a local copy, how do you login outside of your work/in an unexpected enviroment?
William Allen
I use lastpass for everything unimportant: Slack teams, forums, reddit, social media, etc.
I don't store my email or banking passwords in Lastpass, so if it is ever compromised it doesn't really matter.
If you don't use a password manager for flippant logins you're just making your life harder.
Parker Gray
>!d8gp3ss >which should be strong enough yet easily memorised
What about pass? Its a command line based password manager. Can install it with termux on your phone and there are packages for most distros.
Juan Wright
or i could just kill myself
Brandon King
You all should just write your passwords on your dick. No one will ever see them then.
Aaron Gray
I use lastpass with 2FA for everything, including the important stuff. Lastpass makes my bank credentials more secure, not less.
Eli Robinson
not the trans pieces of shit working on firefox commenting code all day would actually suggest that.
Eli Nguyen
At least we have a dick.
Easton Long
My dick is too small to fit my passwords on it.
Jeremiah Gutierrez
Can anyone who uses KeePass answer these questions?
Christian Ward
Personally, I've saved it in Dropbox. Some people will advocate against it. But since I'm using a fairly secure password I think I'm good. I don't know about KeePass iPhone apps.
Aiden Wood
I usually don't, but if I really have to I keep an older copy (updated like once a month or a few) on my encrypted phone (keepass on pc and keepassdroid on android from f-droid).
Master one is on a pc and all passwords are updated to it's database. Usually random passwords needed are up to date even on an older db on phone.
One might keep his keepass db in cloud, I guess. But I've never felt the need for that.
Asher Hall
My uncle had an old Websters dictionary in his small library, scanned a page in the middle and then replaces however amount of the text with his passwords and what they go to in a brief message.
And then glues the page back into the dictionary.
>tfw he need a definition for a word that the page covered.