Why is every privacy guide out there recommending to use a password manager? How is storing all your passwords on some cloud server safe? What if there's a data breach? The only reliable password managers I can think about are self-hosted ones which don't need to connect to the Internet. I'm still encrypting my passwords and writing them down on paper.
because the alternative is people just reusing passwords which is on average worse
I just use Bitwarden, its FOSS and you can self-host it on your own hardware.
>>108084615because its impossible to get companies to switch from passwords to phrases because every company has to follow best practices which means* all the passwords are Password22! * password reset flow available if you have read access to the users cell phone or emailpassword managers allow everyone to blame the password manager if something bad happens to this system
>>108084639if bitwarden is so cool why isnt it integrated into gnomeme/krashde and runned on your android
>>108084615Why the fuck do you think you need a cloud password manager? That idea is, in fact, retarded. Be sane and use keepassxc. With syncthing you'll never need the cloud
>>108084615How to have my passwords on an offline device?My company say we should use keypass but I don't know how to use this to auto complete my passwords like Google
>>108084711>With syncthingWhat is this?
>>108084615>cloud password "managers"lol, what, is it possible people are this retardedkeepass and nothing else
>>108084714if you put address of a site in url field of your password entry in keepass, it will fill it in IF the browser is made to display url in the caption (there is an extension "url in title" that does that for example)
>>108084724A thing that syncs :)
>>108084615>implying a password manager must be cloud>implying you need a program at all>implying you don't already have full disk encryptionTech illiterates fuck off from my board.
>>108084615>How is storing all your passwords on some cloud server safe?keepass nigger
>>108086271>keepassass is a depreciating asset, sell and hold appreciating assets like buttcoins, then buy ass as needed
>>108086415Kek
>>108084615Bitwarden wins again
>>108086443Bitwarden Chads stay winning
>>1080858084chan should disallow posting without a PGP keyAlso you look like this btw
>>108085808I didn't say that, it's privacy recommendations I see online that constantly recommended this kind of services.
I just use my brain, check it out sometime
What are the best password managers?
>>108084615If it's self hosted, regularly updated and the master password has good entropy, it's the safest way to save passwords.
>>108086552pen and paper
>>108086552Bitwarden
>>108084615Just use pen and paper. If someone breaks into your house to steal it, you've got bigger problems than just your Xbox Live password.
>>108086552keepASSxc
>>108084615>Why is every privacy guide out there recommending to use a password managerbecause they are safe and convenient>How is storing all your passwords on some cloud server safe?they're encrypted>What if there's a data breach?they're encryptedi just use the firefox built in one
>>108086603>>108086611Which one is the best?
>>108086617there's no best, there's one - keepass
>>108086615>they're encryptednot all encryption is the samelastpass was using some dogshit encryption
>>108086626then don't use lastpass
>>108086615>they're encryptedbro send me all your passwords, i'l keep them ENCRYPTED!
>>108084639>>108084615Use case for password managers? Just make a txt file and put your passwords in there encrypted by cryptic clues only you know the translation of.
>>108084615The companies you have accounts with can get hacked and leak your password directly. The only real security is staying off grid and offline.
>>108086704why do people use databases at all when everything could be stored in a giant text file
>>108086707>The companies you have accounts with can get hacked and leak your password directlyif they're not absolutely retarded they'd be salting and hashing passwords
>>108086723they're like those stupid retards on HN when dropbox was announced going "hurr durrr what's the point of this? just use rsync"
>>108086727>saltingWhite people don't season they passwords
>>108086727>if they're not absolutely retardedthey are. the people handling your most important data, the goverbment, cant even redact a pdf properly. they also leaked my ssn to china a few years ago
>>108086520>4chan should disallow posting without a PGP key* new hidden trip field to type 'i am a fat nigger' in to* the captchas you solve get added to your notarobotlichkeit score* your hidden trip prevents you from needing to fill out captchas all day, but if someone finds out your hidden trip and starts posting aislop with it youll have to change your code to 'i am a fat nigger and tongue anus'
>>108086723I mean that's effectively what a database is
>>108086691they're encrypted on your end you spastic, the password manager service doesn't see them
>>108086820>they're encrypted on your endSays who
>>108084639>bitwarden and yubikeysThis is it for me. I also keep some passwords elsewhere so that they aren't all on one password manager.
>>108086820pinky promise
>>108086626If you use keepass with a key file you can safely host your password db in some public file server. Using any of those password manager as a service apps is stupid because you are trusting the safety of your data to a corporation which anyone can agree is not possible
>>108084615>How are password managers not a giant security issue? They areOne for the Dark Lord on his dark throne,In the Land of Mordor where the Shadows lie.One Ring to rule them all, One Ring to find them,One Ring to bring them all and in the darkness bind themIn the Land of Mordor where the Shadows lie.
>>108086790>...the goverbment...The "goverbment" doesn't run companies, anon. Rootless globalists who worship moloch and would sell their own mother do. They liability-pass through contractual semitics, and staff their "security team" with clueless indians who barely speak a word of english. The safety and security isn't even in the top 10 concerns of these private equity pigs.
>>108087837>The safety and security of your passwords and data...
>>108087580>yubikeysSnek oil
>>108086615Bet you also have Firefox sync activated and have a Mozilla account too.> but it's encrypted before sendingYeah sure anon, as if Firefox privacy policy switch doesn't means anything now.
My password manager is a an old notebook I bought 20+ years ago for $2. It uses something called paper and you save the passwords in it with a technology called a pencil. So far, never been hacked. I can in fact carry it around with me anywhere and it doesn't even need electricity to work. It's always active and available.
>>108088105Do you check and type in your 16+ character random password for every service by hand every time?
>>108088115Yep. In fact, I know most of them by hand. I only really indulge in the knowledge of my book whenever I update a password aka new login place or when I feel like changing an already existing one.
>>108084625But aren't there other ways to make sure your password is unique for each site? E.g. start your password with the first two letters of the site offset by 1 in the alphabet, followed by your current password you use everywhere
>>108088149That's not random
i know the FIDO2 standard has this, but do any websites actually support authenticating a guest device with a passkey stored on your phone?
All of my passwords use the same base word (it's an obscure word), but divided in half by numbers and symbols and then numbers and symbols at the end. I merely keep a log of the numbers used (not the symbols) and the rest is in my head.
