Passwords

Best way to handle passwords in 2017+1?

Other urls found in this thread:

github.com/justwatchcom/gopass
twitter.com/SFWRedditGifs

Pass, the standard unix password password manager

Handle or store? Are you programming something involving passwords or looking to keep track of your own personal passwords?

For tracking I use KeePass.

Latter, sorry. I'm currently using KeePass but I kinda wish there was an easier way to update old passwords too. Considering getting a Yubikey too if it's worth.

this is the only correct answer

hash it up
or if you're talking about handling your own passwords, then just remember them
>inb4 too hard
and yet you remember your SSN, addresses, and phone numbers

Keep Ass
pass violates your privacy by revealing website information in the filenames, meaning if you back it up on cloud storage big brother can see exactly which degenerate anime fetish porn websites you have accounts with

It's best to have diff passwords for every site

a password as low-entropy as your SSN or phone number would be considered too weak
and you should have different passwords for every website for the sake of security, so one site run by incompetent retards and storing all user info in a password-protected excel sheet doesn't fuck up all your OTHER accounts when they inevitably leak

I write them down in a notepad.

This is cross-platform (works for anything from your wifi key to stuff on your phone, Linux, BSD, Windows, macOS machines) and secure because air-gapped.

Cost is about $3 depending on the quality of the notepad.

effective at hackers but this fails spectacularly in e.g. the "vengeful ex-girlfriend" scenario, among many others

LastPass is fine

Some sites are semi resistant to password managers, how does this one fare?

text file on your desktop

This.
Make sure you get a high-quality pad. You don't want your paper to dissolve after you write on it. Some of the newer versions have lines on the paper too. Very fancy.

Most password managers let you enter the restrictions of a site to generate a password that it will accept

Thats retarded. What if you need to access an account from your phone? Store it in the cloud.

I meant autofill, sorry. Kee only recently added a feature that would add a fieldchanged event so that the site would even let you click next.

>implying that you can't remember different passwords
You are brainlets.

write it on ur foreskin lmao

>fails spectacularly in e.g. the "vengeful ex-girlfriend" scenario
You really don't understand Sup Forums's threat model

what about jews and americans?

write it in the, albeit a little insecure, brain area

Lets see you remember 40-50 safe secure passwords

Literally just remember them.

easy just have them all be variations of each other

Hackers run masks on passwords, its a good way to get hacked

>40-50 safe secure passwords
>having them all be variations of eachother
pick one

>not only 3 different passwords and have variations of them put together

Use easily remembered phrases.

MyPasswordIsInEig0-desu

This is more secure than W231SADa! bullshit password that no one remembers.

>Salt (Master Pass) + Service Name
>Hashed 2^16 times.
Different password for each service. Bruteforcing of the masterpass if one is compromised is impractical (provided your masterpass isn't utter shit).

A system incorporating the site might work.
Maybe 2d 4t and 6t letter of website converted to military alphabet, reversed and number of letters and corresponding special char appended
Google pwd would be
OcheFlogRacso6^

a well hidden piece of paper and maybe an encrypted copy inside a micro sd

You use your current password and stack your old ones after it.

plain txts, if you are pwnd then your passwords are fucked anyway

>ex-girlfriend
heh.

Lmao

>truecrypt
>passwords.txt
>mix n match lastpass add words.
>back up volume to phone usb ect.
Do this for banking amazon paypal ect. Make another email for petty shit.

12 year old found

paper

I use KeePass with the database in a USB stick and a key file in another.

There's this fantastic device I found that's really great at storing passwords. The human brain.
If you seriously actually care about it, just put a little effort into remembering some secure passwords. People can do shit like recite pi to some rediculous number. When you need to make a secure password for something, invest a little time into generating and committing to memory a strong password.

writing them on a post-it and taping it to the wall in your room.

HackersAreNeverGonnaBreakThisPW+[servicename]+12321

This. Try to not be a lazy fuck and do not have autofill or autologin enabled. Retyping your password so many times helps with muscle memory to the point where all you really have to remember is your username and you just type out your password without thinking about it too much.

>pass violates your privacy by revealing website information in the filenames
I've heard there are ways around this without wrapping everything up in a tomb, but I don't remember what they were. Either way, this is the only reason I've hesitated migrating my stuff over to pass.

get a notebook and right them down. Make them all just 30 charecter long strings of randomness.

if you're just re-using one single password for everything, you're a moron. If you bother to memorize the unique passwords to sites you hardly ever visit, you're just wasting time+energy. Otherwise, if you can literally remember hundreds of unique and secure passwords all in your head in little time with virtually no effort: congratulations on the Autism.

What about gopass? github.com/justwatchcom/gopass

>12321
You sick Bastard.

KeePass

I don't need all that shit. pass works fine enough.

I just use a txt inside a veracrypt container nothing special, just make sure to have more than 1 backup copy.

KeePassX.
Pass is good too, but it lacks a GUI.

I use masterpassword, it doesn't store anything anywhere and it's mathematically strong.
If you don't trust them (despite the fact that their applications don't connect to the web in any way), use a diceware to generate yourself a password and encrypt in a file.
Another way, if you like to have your password written down, just generate a PassCard table (pic related), print it and pin it over your PC, just remember the Unicode character coordinates and retrieve your password. This works against angry ex gf too.

Forgot pic

yeah, so big bro can see all your passwords

>and yet you remember your SSN, addresses, and phone numbers
No I don't.

keepass
not even a doubt in my mind
eat my farts and shit everyone who says otherwise

pic related, it is a typical arch user

KeePassXC
Only if you want to leak which sites you use

put them in your mind. never utter them, never type them online.
you are the only encryption you can trust.

I save them in my brain. This may sound unbelievable, but you'd be surprised how efficient a brain can work when you start using it. Back in the day we saved many different phone numbers, just with the brain alone.

Unix is a dead system from the 70s and nobody uses it anymore.

>go
no

>claims to follow unix philosophy
>adds more bloat than the original
double no

I also use a system incorporating the site and it works well

>Nobody uses Unix anymore
*blocks your path*

That isn't Unix, it's macOS.

It is a true Unix operating system.

They paid for a license to use the trademark.

>Throw together outdated BSD and GNU utilities, add botnet an fisherprice interface, buy UNIX cert, finished is the true UNIX system

Unix sounds nerdy, that's why reddit likes it.

I keep them on an encrypted VeraCrypt drive and back it up on thumb drives and other computers

>Another way, if you like to have your password written down, just generate a PassCard table (pic related), print it and pin it over your PC, just remember the Unicode character coordinates and retrieve your password. This works against angry ex gf too.
Here comes the brainlet brigade, so brace yourself:

Lemme get this straight, with this chart for an 8-digit password I have to remember 16 different things?
Their site says you remember the column's symbol, and the row's color to get your password.

Isn't it easier then to just remember the 8 digit password rather than a combo of colors and symbols? It's late, I have a migraine, but that doesn't absolve me from being a retard.

pass-tomb

>current year meme
>taking bait thus obviously
WEW lad.

Your Brain TM

even monkey can remember information

Pen and paper. Store it in your dick-hole.

>one color and one symbol
>sixteen alphanumeric characters
Answer yourself the question

open source, self hosted lastpass

Post it on Facebook.
If you forget, ask your online friends to tell you what it is.
I'm sure nothing at all will go wrong.

pass or qtpass

this

Whats the best way of storing my keepass database file so i can sync it with all my devices without all too much trouble

I wish KeePassXC supported Argon2.

Just use the same password for everything so you don't forget anything. I've used the same password for 5+ years, never even been hacked once.

All it takes is ONE web master to try your password on your registered email account, and BAM, full access to all of your personal files and online accounts.

this desu
i don't remember any of those

1Password. Had to start using it for work and then realized it was awesome to not have to know passwords anymore. Everything is 32 char random; unless some shitty website places a limit on length.

Plus on iPhone X it's golden because of FaceID. TouchID is pretty useful as auth but there's something really simple/novel with just looking at the screen to auth.

...

then you change your password

...

What's the 2FA tag mean? Does it automate 2FA for you too?

Keepass.

No, 2FA codes need to be manually pasted/etc. But the app does act as a 2FA a la Google Authenticator/Authy/etc.

Dropbox.

but it's only 8 alphanumerics..

Or you can encrypt everything locally before uploading. Cryptomator is good for that. Or use an encrypted password database, like keepass. If you encrypt everything locally it doesn't matter if it's on the cloud.

i have a notebook with username and password. In the the first page i wrote "close it".

KeePass

KeePassXC