I currently write down my passwords in my diary, but it takes way too long and is very annoying. Is there a better way of storing your passwords?Also, now that the Cemu appimage incident happened, are there anything you can do to protect your passwords?
>>108830319Google Keep
>>108830336Is there a way to use google keep in firefox?
>>108830319Keepassxc works pretty well, but any open source password manager will do. I don't fall for the cloud shit but if you find it useful go for it. I like to keep a copy of my database on all my machines plus some flash drives. Doesn't matter if someone steals it cause it's locked behind a strong password. Only have to worry about keyloggers or cameras but in that case your passwords are pwned anyway.
>>108830397How do you typically avoid keyloggers? Do you have to avoid certain packages or appimages or something?
>>108830432Only run trusted software, run as few applications as you can get away with. On linux with X11 any application can keylog you so it's a bit fucked. The cemu situation sucks because there's nothing you could realistically do without introducing a lot of inconvenience. I'm paranoid enough that I run all my gaming stuff in a separate user profile in a separate X11 session that doesn't contain any sensitive information but it can be annoying to switch back and forth between it and my main one.
>>108830487Well, that sucks because I'm currently with CachyOS on my laptop. My desktop currently uses windows 11. Should I switch to Windows 10 if Linux is this risky?
PASSWORDS.TXT on the desktop
>>108830537I don't think any OS can protect you if you decide to run malware, outside of schizo ones like Qubes OS. Hell there's even been games sold on Steam that search your home directory for bitcoin wallets. Code generally has to run with a ton of privileges because the OS doesn't know if you're trying to run a simple game or something that needs to access personal files. Security is always gonna be a game of balancing convenience with how much you wanna harden your system, much like a safe irl. Put a hundred locks on it so nobody can access it, not even you, or put on 2 locks in case someone gets the key for one.
>>108830570thanks anon
>>108830631If I put a .txt document in a USB drive, and I lock that USB stick behind a password, will that be secure enough?
>>108830319If I told you it would contribute to the brute forcing logic which would only undermine my own security.
>>108830680That's basically what a password manager does.
Pass: The Standard Unix Password Manager
>>108830319I have a txt file on my computer, and I keep a copy on my phone. It doesn't have full passwords, though, I have a rudimentary system of hints and abbreviations.
>>108830319Your brain + mementos, and KeePass2.
>>108830570>PASSWORDS.TXT on the desktopYes, exactly this - but unironically.This is the best way,though you might want to have a directory PASSWORD and make subfolders in it for better organisation.
>>108830319a tiny (A7) inconspicuous unlabeled notebook buried under a pile of trash lmao
I wonder if you can use this method >>108830680 with an android phone through USB-OTG to avoid >>108831758
KeePassXC
>>108830319Just use a trusted password manager like keepassXC, gnome secrets or bitwarden.Make sure you pick a very strong password to protect your vaults and you'll be ok since thats your entire safety net. If you pick a weak password then if your main database file is stolen it could be cracked easily, but if you pick a long sequence of words (a book passage, song lyrics etc) that are very memorable to you with symbols and numbers tacked on you'll never forget it and it will be basically uncrackable.Once you actually get your shit together and solve the password problem you'll feel much safer online as any data breach will only affect (at most) the site that got breached. You should be auto generating unique strong passwords for every site and storing them behind one extremely strong password.
