Password Managers

take a piece of paper and a pencil user.

Try S10 password vault

very kool

Text file on encrypted sd card.

>online password managers

Attached: 152.jpg (728x640, 500K)

1password
- internet sync
- allows for offline vaults
- it just works

PasswordSafe

>windows only
gamer babies need not reply to this thread

Bitwarden (self hosted)

I like it, but looking to move away from it because it's not open source, and I'd like to be able to pull up my passwords on my OpenBSD pc.

en
conf t
int te7/0/1
desc #wannabefag
sh
exit

KeePass2Android

unix pass with tomb addon

I am afraid that you are mistaken there. Multiplatform.

Attached: 1512668212106.png (214x236, 3K)

>multiplatform
>in beta
next

android?

HAHA
>doesn't know it all.

never use FUD softwares which listed on that pic and install KeepassX

>proprietary
>developed in New Delhi, India

nope

I use SynoPass

KeePassXC, Padlock, or bitwarden. Anything else is horribly unsecure and/or horribly botnet.

Bitwarden

>Free
>Open Source
>You can self host
>Widely compatible

Lastpass because they've had data breaches and no one's passwords got leaked so their security has been tested and works
If Keepass was anywhere near as easy to use as Lastpass I'd just host my shit myself but right now usability, like with most anything open sourced, is a massive hurdle.

>Bitwarden
Hehe, no fucking way. Bitwarden requires MS SQL Server and the main dev doesn't feel like adding support for something that isn't absolutely proprietary. Such a shame.

github.com/bitwarden/core/issues/10

Well, now it makes sense why self-hosting is an enterprise feature

Not sure what you mean by enterprise feature. These anons are recommending Bitwarden because "you can self host it", which is true. Sure, it's free software, development is made on Github which is all fine, but then you require MS SQL, which is proprietary software and is extremely huge to install.

So anyone can self-host? Also why doesn't this page mention MS SQL?
help.bitwarden.com/article/install-on-premise/#system-requirements

It's pulling MSSQL from Docker

passwordstore.org/

Paper

Lastpass is pretty great in terms of features, but giving ALL your passwords to a 3rd party is probably not the best idea
I use Lastpass to make and store unique passwords for "low risk" sites that I dont access often or carry a lot of importance. This would be things like TruGreen, old Barnes and Noble account I dont use, etc. I dont keep important things like financial sites, or insurace passwords in LastPass. However, There is minimal risk in storing my passwords for most sites in there. It makes organization and use much easier on my part

>7zip

Attached: 1516837140637.png (226x223, 6K)

multiple pendrives using a crypto backup

That lim is 0 tho

Plain pass ist the obvious answer. You can host it on your vps or at home if your router supports port forwarding, it's synchronized with git and encrypted with gpg. Clients are available for sailfish, android and gnu/linux. What's not to like?

I liked Dashlane when I tried it, RoboForm is decent but dated (last time I tried it), and don’t know about the others except LastPass, which I’ve used for years. Avoid LastPass unless you need its broad platform support (like I do).

Attached: image.jpg (500x500, 172K)

Nice botnets. KeepassX and the database file hosted on your own server is the way to go.

>He doesn't have a personal server
Reddit pls

Attached: smug29.png (486x332, 62K)

> not being part of the master race that just remembers their passwords

KeePassXC + Syncthing

This, except it should be pass/keepassxc + syncthing

>buy a pendrive
>save a .txt file in it with all your passwords
>switch your pendrive with another one every 10 years and repeat 2
You are welcome.

*steals your usbdrive*
Heh, nothing personnel kid

KeePass2 + KeePass2android

Anything more or less is autistic.

one that you wrote yourself. because law enforcement has turn-key solutions to crack most popular ones. and the average """cyber""" forsensic dude in your average police department isn't more than a trained monkey who can just click buttons in software the police purchased for him.

So I've been thinking abut starting to use one of those (Keepass seems to be the one to go?)

How do those work, exactly? I assume they can generate crazy pws that I could not remember for the life of me if I came up with them myself - how are they stored/encrypted? Like, if I sync up with my phone, and my phone gets jacked...
what happens if my hard drive crashes? etc

keepass

>people complaining about botnet and privacy
>uses password manager

You sync the database file with whatever software you want (manual copying, syncthing, some ((cloud)) provider). They do generate extreme passwords, but of course you can also just enter your own. They're encrypted with aes128 afaik. If your hard drive fails you just restore your backup and you're good to go. If someone steals your phone they can't do anything with your database because they probably don't have the password for it.

Keep the database file saved on multiple devices in case something dies. I use my pc, phone, and dropbox. All 3 dying on me at the same time is highly unlikely.

Pen and paper

Keepass(xc) and syncthing

Lastpass
It werks

KeePass uses AES-256 by default actually. It can also use ChaCha20, or if you have KeePassXC you can use Twofish. There are also plugins you can get which provide other encryption methods.

Huh, so my memory didn't serve me well. I'm using pass myself, so I don't really feel that bad

This is the only acceptable answer
Free software password managers with self hosted syncing between devices gives you all the benefits and none of the botnet

keepass database in dropbox.

Keepass + Dropbox account. Create two fairly long (ten word) Diceware passwords: one for the database and one for the Dropbox. Bam. Secure storage.

If you're really paranoid, you can use Syncthing and just sync it up to multiple devices, but I personally prefer just using Dropbox because then I can always access it even if every device I have fails. Sure, I have to trust Dropbox, but I don't really see why they would be trying to get my passwords. What do they have to gain?

sounds good, I'll check it out

thanks!

Why would every device you own + the offsite backup you maintain fail at the same time? That seems unlikely to me

you dont have to trust dropbox, keepass is encrypted.

>I have to trust dropbox
Don't worry, dropbox has better things to do than devote CPU time to crack your anime download site password database file, which would likely take longer than the expected lifetime of the universe if your password is long enough.

>use you are brian
excuse my salad must I go