I am a bit paranoid about privacy/security and have used a system where all my passwords are written down on good old-fashioned paper in a notebook. The problem is I have accumulated so many entries it has become a pain to sift through my notebook and retrieve long random password strings I wrote by hand. I want to use a password manager but I am unclear if I can trust one. Do you guys have any you use and trust? Preferably open source or completely severed from the internet?
KeePassXC to be more specific. Cross-platform.
Keepass. It’s not paranoia, it’s a good idea and should be the standard.
With keepass you use an encrypted file that you control. I use Dropbox with 2fa to sync between devices.
I use lastpass. It is end-to-end encrypted, and their browser addons are excellent.
I use keepass2. Since you already use a notebook it should be easy to get used to. Realizing that if I don’t have access to my kdbx file I have no access to anything on the internet can be pretty scary.
How secure would it be if I upload my kdbx file but use a keyfile that I only share through local means (such as flashdrive)?
Thanks everyone! I heard of keepass but now that I see people in a community I trust use it I’ll probably hop on board.
This is the right answer.
XC has an entropy-value-based password generator.
I wouldn’t use the browser integration personally.
I use keepass. The file it creates is encrypted which I can then host on a file cloud storage platform (I use google drive) so I can have several devices using my ‘master password file’. Even if Google Drive gets compromised my passwords are encrypted and should be safe.
What OS do you use? @benperson
Keepass, lastpass, bitwarden. They are all good choices depending on what you want.
That should be fine.
We’ve covered this before in the forum so briefly, I won’t trust bitwarden until it goes through a code audit, which they are planning to do. Keepass, 1password, and lastpass have all passed audits.
This is true. Will be good to see the results for bitwarden once it’s done.
Worth keeping in mind that the code audit was only for keepass not keepassxc etc. and it was only for keepass 1.31. Keepass 2 has not been publicly audited so should bear the same caution as bitwarden and others.
KeePass2/KeePassXC on some form of P2P file sync on a local network or a self hosted solution like Nextcloud.
Ahh-- excellent point, was not aware of that.
Since no one mentioned it; SysPass!
Been using it for quite a few months, and although it isn’t as refined and polished as KeePass, it can definitely be a much more handy tool for sharing sign-ins (ex. Amazon, Netflix, etc) with family members! I love it, and really wish I knew how to code, so I could do a few pull-requests for the developer to fix parts of the UI which are lacking.
BTW, it’s web browser based. #plsnoh8
I do school work and coding projects on Linux (Ubuntu) but my main personal computer is Windows 10.
KeePassXC or a service based password manager