What is THE Sup Forums-approved local password manager?

1password.com/sign-up/
This is the new level of jewery.

Your mind and eatign omega 3

Enpass with sync over webdav to vps I own. Comfy af

>storing your passwords in a file instead of recreating them each time
You guys are begging to be bruteforce'd
Use master password instead that way you only need to remember 1 password and it cant be bruteforced

>not having a password that would take longer than the lifetime of the universe to bruteforce
You are like a child.

Brain
Oh, sure... Sup Forums-approved
Well, Gentoo then

gpg and text editor or kwallet.

Pen and paper.

My credit has been frozen for nearly 8 years because I had an id theft problem from some mail at an old address. When I placed the freeze, each credit bureau gave me a pin number. Instead of writing them down on paper, I made a word doc and printed it to an .xps file that I then uploaded into Live Desktop from Microsoft and thought I'd have it forever. Time goes by and I forget about it since I wasn't buying/doing anything related to credit and was not using Live Desktop actively. Eventually I needed it for something and discovered that Microsoft had closed Live Desktop down and did not migrate/back up my data. My credit pins are now lost forever. I've been living off of /cash/ for 8 years. FML.

This

Neurons and synapses

your personal brain

Your own head. If you're a brainlet then kill yourself.

i used to use a text file in encfs.

why not use lastpass

it works with chrome

Pen and paper

I don't want to assume, just be careful. Humans are shitty at generating random passwords.

arstechnica.com/security/2013/10/izmy-p55w0rd-saph/

Here you see a list of impossible passwords that were cracked using a dictionary attack. If your password is not completely random, a good enough algorithm can crack it if you are unlucky.

If you don't want the advantages of cloud storing, keepass is the way to go.

>storing anything but certs locally

your brain or a piece of paper and pen/pencil

With keepass you can set the number of iterations in the hashing algorithm. You can set it so high that with an 8 character master password it would take your computer 10 seconds to check one password. Impossible to crack if you use a random password and write that down.

>use a random password and write it down

if you have it written down, what do you need keepass for?

I want one master password, and for every service I use I want a new password.

That way, if one service gets hacked, the other parts are still secure.

And using only 1 master password is more efficient in this regard than manually transcribing each of the individual passwords.

It also allows to use 40 character long passwords with high ansi characters, while your password database is still secure because you set the algorithm so strong, that even with an 8 5random character password it is still uncrackable, though one startup with the right password will probably take 20 seconds then.

and if your password manager gets hacked everything is hackered

don't use a cloud service then. If your local machine is compromised, even pen and paper won't save you since an attacker could just install a keylogger ..

In that regard, Keepass is even better, as it has features that allow automatic pasting of passwords via shortcuts. These are secure against every normal keylogger and clipboard-spy. Only a targeted attack against you would work, and if you have information that important, you shouldn't store it on a computer with an internet connection in the first place.

>s even
the UI sucks tho

lastpass ui is nice.

>no cloud-based
What if I need to log in outside my home?

Does KeePass come with an easy way to backup your saved passwords?

Why don't you read their documentation and find out?

the database is a file

just make a copy

inb4 there is no such thing as completely random

take the database on an usb stick with you, or maybe there are some mobile apps that store them for you too

It's a tradeoff you have to make, the ability to use 40 character passwords vs some mild inconvenience. Maybe it's not right for you after all

A piece of paper.

That's not the point. Human randomness contains patterns that are relatively easy to predict.

>What if I need to log in outside my home?
Sync your KeePass file with something like Resilio Sync, Syncthing, a personally hosted Owncloud.

pic related

No one chose those passwords because they thought they were random, they chose them because they're meaningful

i was inb4ing you weren't supposed to respond unless someone else said it and then i was going to feel satisfied that i called it but you didn't let it go that far did you

As long as there is a random number generator in the process, user can’t trust any random number generator.

Anyone use Pass? GPG-based, so I'm worried about securing keys.

So much this. Wish the Windows client wasn't dead though because I'd love to use it at work

>All of the above options include: Unlimited installations

yeah that's what i'm trying to say. We think P3n15xXx is Random but modern algorithms see right through that

You should not trust computers that are not your own to input passwords.

This is exactly the reason I started using a password manager. I get pissed off though when services like my bank cap your password at 20 characters.

I'm currently using Dashlane, btw.

Pass combined with passmenu

>IF IT'S ONLY ON MY MACHINE IT'S FINE
you poor, ignorant souls

I personally use LastPass and don't care what people think about it.

>browser based manager
e p i k

Lecitine

How do you goys use KeePass on android?

Keepass2Android Offline

>First argument to DataView constructor must be an ArrayBuffer

>Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1
[X] doubt

Your brain.

>implying anyone wants to hack my accounts with strong algorithms

/thread. Either you remember them all, or use keepass protected with a really good password and a key file that you carry on you,

keepassx. I have way too many passwords and it's great for those not frequently visited as well. The databases are also compatible with keepass2 on Android.

Behind my eyes

...

password123

/thread

With a backup on a encrypted USB drive.

Didn't they have a data breach recently?

Yeah, these retarded paranoid schizos here tell you to carry around a laptop and USB with the files for keepass on it

Just use a post-it note and stick it on the computer screen like a normal person.

Correct horse battery staple

Keepassdroid from Fdroid

What do you guys think of this?

yubico.com/product/fido-u2f-security-key/?gclid=Cj0KCQjwytLKBRCXARIsAPchlXr96OW83fs3zTH03wDv2ZizK-HuCYNmgUhA_50Kui4zh5dKRSP8uy4aAqPzEALw_wcB

>password managers
poor opsec
you're better off writing down long random passwords and keeping them in your wallet, but be sure to change them at least every 90 days

github.com/hexafluoride/no

must contain numbers and special characters.

oh hey i get to whore off my password file again

This one and the thread is closed.
Write it yourself

What makes you think that *you* can't be bruteforced ?

>keepass
>need mono to run it within GNU/Linux environment
why not just keepassx?

...

why the FUCK would you decrypt your passwords on a compromised device

>number letter

time to generate a random passwort lol

Whatever works for you, there are both keepass2 and keepassx packages in Debian repos, at least.

You know what he meant autist

That's what pass is you fucking numpty. It's a thin wrapper around around GPG. Passwords are stored as gpg-ed files on disk You can still decrypt with GPG directly.
Added bonuses, git support, copy to clipboard, grep password files, and can encrypt password files with multiple PGP keys in case you want to share passwords

Chance you'll crack a hash of a password in a password list = 100%
Chance you'll crack a password not in your password list = close to zero
It's non zero depending on modifiers you use while cracking

this shit right there, it's pretty fucking good