How do you securely back up your Keepass database?
I create an encrypted container with the database in it and then I put it on Google Drive and a USB stick. I think there's a better way to do it but I'm also curious how Sup Forums does it.
I place copies on all of my drives. All of them aren't going to fail at the same time.
>I put it on Google drive
Retard.
>giving all your passwords to Google
>ever
Might as well have your passwords be the same as your username.
I sync my database on every cloud storage I have an account with and my key is kept on a flash drive on my keychain. I keep another one in my drawer and one on a cd I store in a case.
Got mine on a few different drives, on a usb stick and on my surface.
forgot to mention that I don't bother encrypting the database because without the key it's pointless to attempt gaining access unless you've got a quantum computer or keepass databases have been backdoored this whole time it's pointless.
>encrypting an already encrypted database
Good job, now the encryptions will cancel each other out.
Flashdrive is the way to go for me. That and a gpg double encrypted folder on mega. Each password has 256 bits of entropy.
I used to just keep it on my private NextCloud but then I migrated to passwordstore.org
It's already encrypted, retard!
You could just as well upload it to a public site, and your passwords are safe.
Pen and paper.
Pen and paper is the best. I need to make some backups, I would fucking kill myself if I lost all my passwords.
Who the fuck needs keepass
Did you not opt in for the hardwired memory chip or something? You should probably jack in you fucking moron LOL
>brainlets can't memorize their passwords
I just moved to pass, much better so far
>passwordlet using passwords shorter than 64 randomized symbols, letters, and numbers.
Most sites don't let you go over 16 characters
Not worth using any site with such poor freedoms.
freedoms extend as far as you let them, self restraint is not freedom
What does Sup Forums use for 2FA?
>go and set up 2FA on all accounts that support it
>brick phone less than week later
>hadn't gotten around to backing up the back up codes
That one taught me a lesson.
yfw the only reason the fappening happened is because icloud account didn't lock you out after a few failed login attempts so you could brute force your way into any account.
I just use Apple's Notes, I have an encrypted note with all password hints for each service I use, the hint is just an incomplete password so I can remember, so only I still really know the complete one.
It's also on the icloud folder, so I have access to the note anywhere and am safe if the drive fails.
I trust Apple with my encrypted password hints, they are the most serious company on user privacy, and even if it "leaks", it's encrypted, and even if someone breaks the encryption, there's no complete passwords there.
sorry, deleted old post to add more info
No one knows how the fappening really happened, so it's probably social engineering.
I put the database in an encrypted flash drive and carry it with me when I need it, or just plug it into my desktop to unencrypt it and use Synergy to paste any passcode to all my machines that need it
>CURRENT_YEAR
>Memorizing passwords
ISHYGDDT
Most sites won't even let you use passwords longer than 32
>2017
>using a password manager
What is wrong with you? Just use shaXXXsum.
If you decide to back it up somewhere insecure (which is perfectly fine, AES256 is robust) make sure you have a long and complex password. Including don't do something stupid like using a song lyric or something.
>trusting porn companies with your info
A hash is recognisable as a hash, and if someone finds your salt or your encoding scheme your entire system is broken.
Good luck with that.
I use the same as you, but I skip the cloud with Syncthing. My homeserver, phone, laptop and desktop won't fail at the same time
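Added example, not part of any post in this thread: a Python check for the keep-copies-everywhere approach several posters describe (multiple drives, a USB stick, cloud storage, Syncthing). It confirms that each copy starts with the KeePass 2.x KDBX signature and matches the primary file's SHA-256; the function names, file names and sample files are constructed for illustration.

```python
import hashlib
import struct
import tempfile
from pathlib import Path

# KDBX (KeePass 2.x) files start with two little-endian 32-bit signatures.
KDBX_SIG1 = 0x9AA2D903
KDBX_SIG2 = 0xB54BFB67


def inspect_copy(path):
    """Return (status, sha256 hex or None) for one backup copy."""
    p = Path(path)
    if not p.is_file():
        return "missing", None
    data = p.read_bytes()
    if len(data) < 12 or struct.unpack_from("<II", data) != (KDBX_SIG1, KDBX_SIG2):
        return "not-kdbx", None  # truncated, overwritten or the wrong file
    return "ok", hashlib.sha256(data).hexdigest()


def audit_backups(primary, copies):
    """Compare every copy against the primary database file."""
    status, want = inspect_copy(primary)
    if status != "ok":
        raise ValueError(f"primary database is {status}: {primary}")
    report = {}
    for copy in copies:
        status, digest = inspect_copy(copy)
        if status == "ok" and digest != want:
            status = "differs"  # stale or corrupted; open it to find out which
        report[str(copy)] = status
    return report


def demo():
    """Constructed sample: fake files with a KDBX header, not real databases."""
    header = struct.pack("<IIHH", KDBX_SIG1, KDBX_SIG2, 1, 3)
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "main.kdbx").write_bytes(header + b"current")
        (d / "usb.kdbx").write_bytes(header + b"current")
        (d / "cloud.kdbx").write_bytes(header + b"older")
        (d / "nas.kdbx").write_bytes(b"truncated")
        names = ["usb.kdbx", "cloud.kdbx", "nas.kdbx", "dvd.kdbx"]
        result = audit_backups(d / "main.kdbx", [d / n for n in names])
        return {Path(k).name: v for k, v in result.items()}
```

Call `audit_backups(primary, copies)` with real paths after each sync; every save re-encrypts the database, so any copy older than the last save reports `differs`.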
Trusting the botnet company that let the fappening happen, also
>trusting anything from America
>ever
It's like you want your stuff to be exposed
> botnet company
but that's Google user
Yeah some luck is needed because what you're doing is security by obscurity. If your scheme say, became the most popular way passwords were handled, there would be decent password cracking scripts out there breaking your password.
Since you're just kicking the can along- the real security is with whatever you were hashing (and the salt) in the first place.
>password breaking scripts
>aka bruteforcing the SHA
using a 6th gen iPod nano is the best form of password backup, period.
>no wireless connectivity save for the radio, good luck exploiting this device through a fucking radio
>always on me, since you know, it's a functional watch
>who the fuck's gonna steal it? Even if they did, they'd need an old 30 pin connector, and be smart enough to look for a text file on the device (which you can't find through iTunes)
>no encryption necessary, although the text file only contains password hints so even if someone somehow accessed it it'd be useless to them
get on my level, Sup Forums.
what is a rainbow table generated with the known parameters such as "four words separated by a space" as featured in xkcd's comic?
They don't need to break SHA, idiot. They just need to run passwords through SHA ALA a hash table, for maximum speed.
Or they can run simple wordlists through it (say you use websitename--SHA-->Password) they'll just SHA the wordlist or whatever to get your password.
It's only worth it though if lots of people use it and so there are lots of people with weak pre-hashed passwords.
>implying my pre-SHA passwords aren't distinctive enough
We're all fucked once quantum computing becomes commonplace anyway.
Yeah, about that... How many possible pws is that?
even with like 20,000 words it's still only 20,000^4 which is FUCK ALL
Dafuq do you mean by "double encrypted"?
I use lastpass with autofill disabled (which just means 2 more button clicks for it to fill).
Every "security" issue lastpass has had has been with the autofill feature, so I don't trust it. Other than that, having unique 99 length passwords for 400+ items is pretty dope.
use the google 2fa thing on my phone for 2fa.
Then why not just use the distinctive pre-sha password?
My point is that the SHA does not add security against any reasonably intelligent attacker.
Are you challenging someone to hack your nano by radio signals? Cause I'm pretty sure someone could pull that off if they were paid.
I mean, it's probably "possible", but considering how it's such an unpopular model there's not even rockbox support yet, I'm quite confident in the security of this thing.