Are you using KeePass, Sup Forums?

Yes.

KeePassX actually

yes

>tfw 64 character passwords

yes through mono on linux

>qt
garbage

KeepassX, fuck mono.

Yes.
At work we share a common base.
At home for everything, pass, keys, secrets...

What are best practices for keys? Keeping with the database?

fuck REEEEpass lastpass is king

>REEEEpass
lol

>Mono is shit
>Qt is shit
Never change, Sup Forums

Yes, until I've transitioned to pass so I can skip the database file and have encrypted files with the passwords instead

Yes, Qt is shit too and I hate having it installed on my system because keepass is the only program needing it.

yes, keepassxc
keepassxc.org/

that's the shit right there mane

Have you switched to using Argon2?

>no screenshots on website
why do people do this

password managers that hash shit and don't store nothing anywhere

No, I don't want my passwords to be compromised in case someone somehow compromises my PC.

my man

it looks like keepassx

You made a small mistake in your post. You wrote "No", when you meant "Yes" ;)

Multi factor authentication? By the time they can smash your key file and password, or even yubikey, you will be able to rotate everything.

yes

There's literally no reason to use KeePassX over Keepass. It's got slower development and less features

I'll switch when there is hardware support for Argon. Until then I'll enjoy the 1.3GB/S speeds of AES with the AES-NI instruction set of all modern CPUs

What do you guys use on Android? Keepass2Android werks, but could be better.

It's a fork of KeePassX

>Why KeePassXC instead of KeePassX?
KeePassX is an amazing password manager, but hasn't seen much active development for quite a while. Many good pull requests were never merged and the original project is missing some features which users can expect from a modern password manager. Hence, we decided to fork KeePassX to continue its development and provide you with everything you love about KeePassX plus many new features and bugfixes.

mane pls
has autofill and everything
more frequent updates 'n' shiet

Keepass + file authentication + keeOTP
Custom icons to make it pretty

redpill me on keepass

>a single password that gives you access to every single other password
this sounds fucking stupid
as soon as it's compromised, all your accounts go down with it

>gtkucks

Qt is fucking disgusting, GTK is missing a minor feature.

What the fuck is the point of that then?

No.
I am using a traditional password manager which is Pen and Paper.
It is the most secure password manager if used correctly.

>no, I don't want my passwords compromised in case someone somehow compromises my PC and spends 15 quadrillion years breaking keepass' encryption
Fixed that for you

You either reuse the same few passwords, or have different strong passwords for everything, but keep a list of them, since you are bound to forget the ones you don't use frequently. It is much more likely that a site will get hacked and your password will be leaked than it is that someone will get hold of your password database and crack the encryption, so reusing the same password is clearly the worse strategy. Really the only alternative to keepass (or another password manager) is using pen and paper, as other posters have suggested, but that has its problems too, like having a list of your passwords in human readable form around in your house, and the fact that you are much more likely to lose a piece of paper than your password database (if you do backups properly).

You're wrong.
schneier.com/blog/archives/2014/09/security_of_pas.html

Tell me what's wrong with storing my passwords in fsekrit?

There are a couple of things, actually
>it requires windows
>it is a program for storing encrypted notes, and not an actual password manager (worse for sorting your passwords into categories)
>every note is also an executable, which is a pretty redundant feature

Can I tell you guys my password and get some feedback on how safe it is?

Yes. Please make sure to include your DoB and social security number as well please.

Lastpass, any thoughts?

Runs on Wine too. Checkmate?

I too like using programs that require an entire fucking OS emulator to run.

I just use really obvious passwords and hash them an arbitrary number of times.

So "password" becomes;

19f98ccb7b605584d5136e23920ea67187274927856bf8

It doesn't take 15 quadrillion years to install a keylogger on a compromised machine.

That said, if they can keylog your master password they can keylog all your other shit, so is a dumb. Just a different kind of dumb.

KeepShare Lite is awesome. It asks you anytime you reach a site if you want to log in using their credentials. I just wish it would auto-synch with drive though.

Using 1Password here. Shit's nice.

but keepass has keylog protection??

I once used the same 25 character password for everything and I thought I was safe until a vengeful ex got a hold of it, so now I know better.

Different password every time, maximum complexity. Feels safe man.

this

I use lastpass.

proprietary botnet

What happens if you reinstall your pc?

you can't get hold of your passwords then?

No, I'm not mentally retarded.

save the encrypted db to some external memory device, you dolt

save it on a usb drive, external harddrive, (((the cloud))) etc

nobody got time for that

>WINE
>emulator
Pick one, retard.

Oh I see, because you have all this shitposting to do.

keepassx faggot

I use LastPass for saving passwords.

Thoughts on pass?
>passwordstore.org/
Uses GnuPG. But I'm now worried about securing my keys.

>our legal department told us to call this emulator "This Isn't An Emulator."
That's cute, but it is the definition of an emulator. Maybe not the one some Linux neck-beard invented in his own head back in 1990, but the one that exists in the dictionary.

>I just use really obvious passwords and hash them an arbitrary number of times

>select top 500 most popular passwords
>hash using different algos
>add to database of passwords

I'm sure no one has thought of this before.
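(Added example, not part of the thread or any poster's code.) The point of the two posts above, worked through in Python: a "password" built by re-hashing a common word has only as much entropy as the number of word/algorithm/round combinations, so a short audit loop finds its derivation. The word list, algorithm list and round limit are constructed assumptions.

```python
import hashlib
import math

# Constructed sample inputs: a tiny stand-in for a "most popular passwords" list.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "dragon"]
ALGORITHMS = ["sha1", "sha256", "sha512"]
MAX_ROUNDS = 1000  # assumed upper bound on the "arbitrary number" of rounds


def iterate_hash(word, algorithm, rounds):
    """Hash `word`, then re-hash the hex digest, `rounds` times in total."""
    value = word
    for _ in range(rounds):
        value = hashlib.new(algorithm, value.encode()).hexdigest()
    return value


def search_space_bits(n_words, n_algorithms, max_rounds):
    """Upper bound on the scheme's entropy: log2 of all combinations."""
    return math.log2(n_words * n_algorithms * max_rounds)


def random_password_bits(length, alphabet_size):
    """Entropy of a uniformly random password, for comparison."""
    return length * math.log2(alphabet_size)


def find_derivation(candidate, words=COMMON_PASSWORDS,
                    algorithms=ALGORITHMS, max_rounds=MAX_ROUNDS):
    """Return (word, algorithm, rounds) if `candidate` is a re-hashed
    common word within the assumed limits, else None."""
    for word in words:
        for algorithm in algorithms:
            value = word
            for rounds in range(1, max_rounds + 1):
                value = hashlib.new(algorithm, value.encode()).hexdigest()
                if value == candidate:
                    return (word, algorithm, rounds)
    return None


if __name__ == "__main__":
    derived = iterate_hash("password", "sha256", 37)
    print("derivation found:", find_derivation(derived))
    print("scheme, 500 words: %.1f bits" % search_space_bits(500, 3, 1000))
    print("random 20 chars:   %.1f bits" % random_password_bits(20, 94))
```

With a 500-word list, three algorithms and up to 1000 rounds the scheme tops out near 20.5 bits, against roughly 131 bits for 20 random printable-ASCII characters.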

encrypted archive on dropbox containing all my passwords in plaintext

How long/complex is your database pass? You do know NSA stores all encrypted data for cryptanalysis?

There's no legal issue. The name was changed because emulator doesn't accurately describe it since it's a library implementation and no virtualization occurs, dipshit.

KeePassX

>not one single argument on why anyone should use keepassx or the other forks instead of keepass

how exactly does it protect you from keylogging when you type in your fucking master password

how does your shitty article disprove that you're 100% fucked as soon as someone knows your master password?

Ok fine, they know my master passphrase (unlikely). Now, what about my keyfile(s)?

Not the guy you're replying to but I've never understood what the proper security measures for keyfiles are.

Keep the file(s) in amongst other files and give it a common name. Since the keyfile can be any binary file, rename it to appear completely ordinary (i.e. system32.dll instead of keyfile.jpg)

But on the keepass site they say that obscurity of the keyfile isn't what matters, since people can just test every file on your computer, it's the obscurity of the contents. That's the bit I've not understood, like are you supposed to alter the keyfile between uses so it's not in a usable state by default? Or are they just full of shit?

isn't that the online shit that got hacked multiple times? the one that stores your passwords online for anyone to see?

I was gonna transfer over to keepass but I'm way too lazy. Been using LastPass for years and happy with it. Never had an issue so far.

>Muh safety
>Get a trojan with KL
>You access your keepass
>Hacker gets all your passwords in a plate
Fuck gamestop

>But on the keepass site they say that obscurity of the keyfile isn't what matters, since people can just test every file on your computer, it's the obscurity of the contents.

I understand this reasoning but this is very unlikely unless your attacker has physical access in which case you are already fucked. Practically no one is going to have any success otherwise.

>are you supposed to alter the keyfile between uses so it's not in a usable state by default?

No, not that I have ever done. Really, having a passphrase and keyfile(s) is next to impossible to circumvent unless your computer is physically owned.

That makes more sense. Thanks.

No, because I am not a fucking mentally hilarious retard.

Every pass I have is unique and 30+ characters most times. (besides shit sites that have pass limits, in which case I have a micro-version of making passwords for those)

I only do 30~ because it is decent enough.
It'll still take 10 times my lifetime to brute force even with how I generated the passwords and a dictionary to brute the damn thing intelligently.

You people and your shit software.
No wonder you have bad memories, you rely too much on external storage.

...

>ha ha i used the epic fedorable mime wew

Enjoy your mental illness and fake security.
I bet you think the epic randomness of the digits improves security as well lmao

>tfw photographic memory