Reminder that password managers such as keepassXC are not secure. Use bitwarden
>>108492982
Usecase for 180 char long password?
>>108492982>site X gets pwned>1 of your accounts gets pwned>use password manager>password manager gets pwned>all your accounts get pwnedAny reason to use password manager aside from making things easier for mossad?
>>108492982i use 7zip
>>108493169>password manager gets pwnedliterally never happened btw
>>108493169You're retarded. Every password manager uses end-to-end encryption, they can't access your data
>>108492982ACKTUALLY that is safe.Normies will never understand, but losing all your messages with E2EE or losing your crypto keys because you forgot a password is, in fact, the definition of private and secure.It turns out, that security involves PERSONAL RESPONSIBILITY which normies are extremely averse to.
>>108493243tsmtthe op in the screenshot shouldve stored the note in a necklace and slept with it
>>108493310Should have tattooed it on his cock for ultimate security
>>108493169>>site X gets pwned>>1 of your accounts gets pwned>>use password manager>>password manager gets pwned>>all your accounts get pwned>Any reason to use password manager aside from making things easier for mossad?This all of this>>108493195>>password manager gets pwned>literally never happened btwExcept all of the times it happened!>>108493215>You're retarded. Every password manager uses end-to-end encryption, they can't access your dataExcept all the times it happened!
>>108494145post one time it did, pro-tip you can't
>>108494204>post one time it did, pro-tip you can'thttps://www.cloaked.com/post/the-top-3-worst-password-manager-breaches-and-security-issues-to-dateDo you retarded even know how to google>Password manager hacked?
>>108494260not clicking your virus, fuck off
>>108492982>forgets password>locked out of password manager without password>this is somehow insecure
>>108493169People who don't use a password manager tend to use the same password over and over again.So 1 site gets pwned, all your accounts get pwned.Also password shorter than about 16 characters aren't secure anymore.So yeah do you use a different completely random 20 character password for every site? - I do.
>>108494260#1: zero passwords leaked#2: zero passwords leaked#3: zero passwords leakedIt's still bad when metadata gets stolen but meh.
Pro tips:1. use multiple devices, separate concerns (one for banking and doing taxes etc, one for entertainment, one for shady shit and pirating software, one for work, one for family stuff maybe even mac with guest account you literally do not care who uses it)2. have multiple phones, separate concerns (one for anything business/work, one for family+close friends, one for bushit apps if government enforces + banking with NFC etc, one for entertainment, shady stuff and even pirated apps if Android)you can mix it up however you want, but this is ideal, although expensive3. use only passwords you can actually spell, forget autogenerated trash, use between 12-15 chars for generic stuff, more only if you are shure devs are not retarded (some would cut it to 16 or 12 chars without telling you, later they change DB and you are locked out for no reason)4. use multiple password databases, separate concerns, keep 'em on corresponding devicesYou might think you can do something like that with Qubes OS or whatever, but that's pain in the ass and also good malware can break free and install UEFI rootkit, in doing so rendering your everything on that OS useless and compromised.Blindly relying on pass manager, even if it's offline only and open source is idiotic. They can contain backdoors, they can be actually cracked more easily than you would think. And good malware can intercept your shit and steal clear text anyways. But you are only in trouble if that happens where you have EVERYTHING in one place. Like a keepass db.
>>108492982this is why i tattoo my pass phrases beneath my scrotum
>>108494522Thanks kabuto
>>108494522>use only passwords you can actually spell, forget autogenerated trashdon't fucking do this unless you are deeply retardedgenerate random passwords. end of discussion.
>>108494528Does that prevent evil maid attacks?
>>108494522> incoherent schizo ramblingI can't wait until passkeys are everywhere to fix this shit
>>108495935I wonder if it can actually do that. Haven't looked at the standard or whatever defines how passkeys are going to funciton. But... What happens when you want to migrate you shit from one device to another? What happens if your device is completely compromised and passkeys are completely fucking stolen, private keys as clear text? Then what? What's the difference from storing it in the browser or whatever?
>>108495935Passkeys are literally just passwords stored in a password manager. Instead of using KeePassXC you're using Apple Keychain or whatever Microslop's equivalent is.
>>108496205passkeys are public/private keypairswhen storing them on device, even if cloud synced (like icloud keychain) they're stored with hardware protection (TPM for windows 10/11, Secure enclave for apple devices, etc.). for Apple's icloud keychain approach is E2EE for sync, they can't read them.this is why I'm against storing them in general purpose password managers though, because in a pw manager like bitwarden they aren't E2EE. once your master password has the vault decrypted that private key is in memory
>>108494381What prevents you from self hosting a password manager?
>>108492982>random 180 char password from fucking GBA save files and shitDude just use a chuuni anime chant or the chorus to a song you like, its so easy
>>108492982Sounds like worked as intended..?
just keep your seeds in /root/ and encrypt the files with a master password.
>>108494381Use multiple of the same passwords for tiers of access. Create concentric rings of access, each with an associated password. It's easier to keep track of and change periodically.
>>108493167schizophrenia
>>108492982Why don't these retards take a picture of the password and then encrypt it in their email or something?
>>108499738He could have made copies of the passphrase and stored one of them with his family or a trusted friend. He could have burned the passphrase, key file, and password database to a CD and kept it in a bank safe.He decided not to, despite claiming that it's a life changing amount for him.
>>108492982I don't get it, your image indicates it's very secure. If there was a backdoor that let you recover your passwords without knowing the master password, now that would be insecure.
>>108496273Literally nothing. Keepass runs locally on your own hardware, you can host the database file in any cloud service you want if you want to access it with multiple devices.
>>108499857by that reckoning the best way to keep a password is to immediately destroy it
>>108492982Sounds to me like Keepass is extremely secure.
Use your fucking brain.urwtyydrghtyw73uwhuei ae2739w eudfeyu84iddwju^ That is the average size of my passwords across dozens of sites.All of them are unique, besides shitty throw-away ones that I didn't care to make an encoded password for.None of them are written down, only reminders of what passwords are used at best, and what password segments I used in each password are truncated to 5 unique characters from it as a reminder.You stupid fucks and your dumbass retarded word-vomit passwords, this whole sentence, every word, is a better password than your shit.ENTROPY ALWAYS WINS BABY, GET FUCKED, LONGER IS BETTER
