What's a good way to store passwords?

Ideally it would be GNU as in gahnoo, and ideally it would use something like PGP encryption. I suppose some table thing would work.

Other urls found in this thread:

ghacks.net/2016/11/22/keepass-audit-no-critical-security-vulnerabilities-found/
passwordstore.org/
twitter.com/NSFWRedditGif

just use a pgp encrypted textfile

I've been using Keepass for a long time. It seems fine but I don't know or care a whole lot about security. Good features and such and it's easy to keep backed up everywhere.

I use kwallet.

Write them down on a piece of paper and lock it in a safe, then put it in your basement vault. Isn't it obvious?

Until KeePass is found to have a backdoor or other horrible vulnerability it will always be the only correct answer. Actual KeePass; not KeePassX which is an insecure fork.

ghacks.net/2016/11/22/keepass-audit-no-critical-security-vulnerabilities-found/

GPG-encrypted text files
the Unix way

passwordstore.org/

this

anything else is retarded

...

Just use a GnuPG-encrypted text file, or just use KeePass.

This leaks the names of your credentials (server names, site names, whatever) through the filesystem. Some people suggest using obscure naming schemes or further encrypting the file system, but at that point, what’s the fucking point?

Same password across multiple websites
Desu

whats the census on keepassXC compared to keepass?

passwords.txt
login password
login2 password


I've fallen for the encryption memes but forgot the master password and no one cares about my accounts

keepassx

>6 months from last update

stick with keepass or keepassXC

KeePassX 2.0.3

Your point? What feature do you need that isn't there?

security

look at all the leaks and exploits that happened in the past 6 months

now look at the frequency of updates

its not a good look

What exploit cracks aes 256

I encrypt my brain with anime

have kept all my passwords and whatever in a text file for some five years. gnupg.vim is a handy plugin.

honestly just keep your passwords however the fuck you want, your passwords are not that important, _you_ are not that important.

In your head.

AES was developed by (((NSA)))

so they might have any critical exploits

I use it, I like it better than keepass and keepassx

>not keeping your randomly generated passwords on a scratch pad hidden in your drawer

>AES was developed by (((NSA)))
Not true. AES cipher is math.
Any exploits the NSA might possibly have against AES would be implementation specific i.e. bugs.

Nope.

Is was independently developed and chosen by the NSA as a government encryption standard.

>implying that's safe enough

>AES cipher is math.
So is Dual_EC_DRBG

Yes. Your point being?

Keepassx

I have been using pass for 3 years now. It is just a for front end for text files it is great. With with android.

It's like you didn't even read the man page.
>pass init --multiline

One approach is to use the multi-line functionality of pass (--multiline or -m in insert), and store the password itself on the first line of the file, and the additional information on subsequent lines. For example, Amazon/bookreader might look like this:
Yw|ZSNH!}z"6{ym9pI
URL: *.amazon.com/*
Username: [email protected]
Secret Question 1: What is your childhood best friend's most bizarre superhero fantasy? Oh god, Amazon, it's too awful to say...
Phone Support PIN #: 84719

This is the preferred organzational scheme used by the author. The --clip / -c options will only copy the first line of such a file to the clipboard, thereby making it easy to fetch the password for login forms, while retaining additional information in the same file.