What is THE Sup Forums-approved local password manager?
no cloud-based
What is THE Sup Forums-approved local password manager?
Other urls found in this thread:
passwordstore.org
1password.com
arstechnica.com
yubico.com
github.com
twitter.com
GPG
keepass.
I just use a notepad with my more complex passwords written down, and I keep that locked in my gunsafe.
1Password, Canadian made and trusted by many.
Keepass 2.x. GNU licensed, many clients for all OS, simple yet powerful.
>Sup Forums-approved
think for yourself kid. and lurk more
...
>trial
Fuck off.
1password.com
This is the new level of jewery.
Your mind and eatign omega 3
Enpass with sync over webdav to vps I own. Comfy af
>storing your passwords in a file instead of recreating them each time
You guys are begging to be bruteforce'd
Use master password instead that way you only need to remember 1 password and it cant be bruteforced
>not having a password that would take longer than the lifetime of the universe to bruteforce
You are like a child.
Brain
Oh, sure... Sup Forums-approved
Well, Gentoo then
gpg and text editor or kwallet.
Pen and paper.
My credit has been frozen for nearly 8 years because I had an id theft problem from some mail at an old address. When I placed the freeze, each credit bureau gave me a pin number. Instead of writing them down on paper, I made a word doc and printed it to an .xps file that I then uploaded into Live Desktop from Microsoft and thought I'd have it forever. Time goes by and I forget about it since I wasn't buying/doing anything related to credit and was not using Live Desktop actively. Eventually I needed it for something and discovered that Microsoft had closed Live Desktop down and did not migrate/back up my data. My credit pins are now lost forever. I've been living off of /cash/ for 8 years. FML.
This
Neurons and synapses
your personal brain
Your own head. If you're a brainlet then kill yourself.
i used to use a text file in encfs.
why not use lastpass
it works with chrome
Pen and paper
I don't want to assume, just be careful. Humans are shitty at generating random passwords.
arstechnica.com
Here you see a list of impossible passwords that were cracked using a dictionary attack. If your password is not completely random, a good enough algorithm can crack it if you are unlucky.
If you don't want the advantages of cloud storing, keepass is the way to go.
>storing anything but certs locally
your brain or a piece of paper and pen/pencil
With keepass you can set the number of iterations in the hashing algorithm. You can set it so high that with an 8 character master password it would take your computer 10 seconds to check one password. Impossible to crack if you use a random password and write that down.
>use a random password and write it down
if you have it written down, what do you need keepass for?
I want one master password, and for every service I use I want a new password.
That way, if one service gets hacked, the other parts are still secure.
And using only 1 master password is more efficient in this regard than manually transcribing each of the individual passwords.
It also allows to use 40 character long passwords with high ansi characters, while your password database is still secure because you set the algorithm so strong, that even with an 8 5random character password it is still uncrackable, though one startup with the right password will probably take 20 seconds then.
and if your password manager gets hacked everything is hackered
don't use a cloud service then. If your local machine is compromised, even pen and paper won't save you since an attacker could just install a keylogger ..
In that regard, Keepass is even better, as it has features that allow automatic pasting of passwords via shortcuts. These are secure against every normal keylogger and clipboard-spy. Only a targeted attack against you would work, and if you have information that important, you shouldn't store it on a computer with an internet connection in the first place.
>s even
the UI sucks tho
lastpass ui is nice.
>no cloud-based
What if I need to log in outside my home?
Does KeePass come with an easy way to backup your saved passwords?
Why don't you read their documentation and find out?
the database is a file
just make a copy
inb4 there is no such thing as completely random
take the database on an usb stick with you, or maybe there are some mobile apps that store them for you too
It's a tradeoff you have to make, the ability to use 40 character passwords vs some mild inconvenience. Maybe it's not right for you after all
A piece of paper.
That's not the point. Human randomness contains patterns that are relatively easy to predict.
>What if I need to log in outside my home?
Sync your KeePass file with something like Resilio Sync, Syncthing, a personally hosted Owncloud.
pic related
No one chose those passwords because they thought they were random, they chose them because they're meaningful
i was inb4ing you weren't supposed to respond unless someone else said it and then i was going to feel satisfied that i called it but you didn't let it go that far did you
As long as there is a random number generator in the process, user can’t trust any random number generator.
Anyone use Pass? GPG-based, so I'm worried about securing keys.
So much this. Wish the Windows client wasn't dead though because I'd love to use it at work
>All of the above options include: Unlimited installations
yeah that's what i'm trying to say. We think P3n15xXx is Random but modern algorithms see right through that
You should not trust computers that are not your own to input passwords.
This is exactly the reason I started using a password manager. I get pissed off though when services like my bank cap your password at 20 characters.
I'm currently using Dashlane, btw.
Pass combined with passmenu
>IF IT'S ONLY ON MY MACHINE IT'S FINE
you poor, ignorant souls
I personally use LastPass and don't care what people think about it.
>browser based manager
e p i k
Lecitine
How do you goys use KeePass on android?
Keepass2Android Offline
>First argument to DataView constructor must be an ArrayBuffer
>Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1
[X] doubt
Your brain.
>implying anyone wants to hack my accounts with strong algorithms
/thread. Either you remember them all, or use keepass protected with a really good password and a key file that you carry on you,
keepassx. I have way too many passwords and it's great for those not frequently visited as well. The databases are also compatible with keepass2 on Android.
Behind my eyes
...
password123
/thread
With a backup on a encrypted USB drive.
Didn't they have a data breach recently?
Yeah, these retarded paranoid schizos here tell you to carry around a laptop and USB with the files for keepass on it
Just use a post-it note and stick it on the computer screen like a normal person.
Correct horse battery staple
Keepassdroid from Fdroid
>password managers
poor opsec
you're better off writing down long random passwords and keeping them in your wallet, but be sure to change them at least every 90 days
must contain numbers and special characters.
oh hey i get to whore off my password file again
This one and the thread is closed.
Write it yourself
What makes you think that *you* can't be bruteforced ?
>keepass
>need mono to run it within GNU/Linux environment
why not just keepassx?
...
why the FUCK would you decrypt your passwords on a compromised device
>number letter
time to generate a random passwort lol
Whatever works for you, there are both keepass2 and keepassx packages in Debian repos, at least.
You know what he meant autist
That's what pass is you fucking numpty. It's a thin wrapper around around GPG. Passwords are stored as gpg-ed files on disk You can still decrypt with GPG directly.
Added bonuses, git support, copy to clipboard, grep password files, and can encrypt password files with multiple PGP keys in case you want to share passwords
Chance you'll crack a hash of a password in a password list = 100%
Chance you'll crack a password not in your password list = close to zero
It's non zero depending on modifiers you use while cracking
this shit right there, it's pretty fucking good