40
submitted 4 months ago by vk6flab@lemmy.radio to c/privacy@lemmy.ml

How are you storing passwords and 2FA keys that proliferate across every conceivable online service these days?

What made you choose that solution and have you considered what would happen in life altering situations like, hardware failure, theft, fire, divorce, death?

If you're using an online solution, has it been hacked and how did that impact you?

you are viewing a single comment's thread
view the rest of the comments
[-] derbolle@lemmy.world 35 points 4 months ago

bitwarden/vaultwarden. currently the best experience for me. and youncan self host it

[-] subtext@lemmy.world 11 points 4 months ago

And it is wife / parent / grandparent approved in my household!

It’s good enough that once I taught my mom to use it, she then went and taught my grandma and now we’ve got the whole fam on a family plan. It’s seriously so good.

[-] tmpod@lemmy.pt 6 points 4 months ago

BitWarden is really good. Has (nearly*) everything I want, works well across all platforms and the free plan is very featurefull. Even though I don't really use any of the premium features, I still pay for the plan, to help fund development, it's only 10€ a year.

  • I say nearly because I'd love to have some form of autocomplete in Linux Wayland, outside of the browser extension. I believe one of KeePass apps does this (but only for X?)
[-] trevor@lemmy.blahaj.zone 2 points 4 months ago
[-] tmpod@lemmy.pt 2 points 4 months ago

Oooh, that looks very neat, thank you!

[-] mat@linux.community 2 points 4 months ago

You can kinda get autofill via a program called rofi-rbw on Wayland desktops (using wtype), but I found at least on Hyprland it often misses the field or the start of the password. I'd like to see a more consistent solution but definitely not via the official Electron app...

[-] tmpod@lemmy.pt 3 points 4 months ago

Another commenter said goldwarden implements that through the Remote Desktop XDG Portal, which only GNOME and KDE support at the moment (wlroots doesn't implement it yet).

[-] chevy9294@monero.town 1 points 4 months ago

This seems great, I'll defenetly try it out.

[-] jet@hackertalks.com 3 points 4 months ago* (last edited 4 months ago)

Seconded, plus hardware keys with passkeys disabled. Depending on your threat model, you might want your hardware keys to be a second factor, not a replacement for all the other factors. Passkeys do not fit into my threat model, as they are implemented as identity and password replacements rather than supplements

Bitwarden has an emergency contact who can access a vault after 2 weeks if you don't deny it.

https://github.com/cyphar/paperback is great for a printed analog option as well. You could put your vault key into a multi paper printout, distributed amongst trusted people, so you need a quorum of them to get your secrets if you're gone. Or get access to the family Google photos library, or whatever

[-] mike_wooskey@lemmy.thewooskeys.com 4 points 4 months ago

Thirded. I self-host it (actually the Vaultwarden fork) and use it on desktop browsers, as a desktop app, and as and Android app (F-Droid). I also store secure notes in it (e.g. end of life instructions for my partner). Very powerful and versatile, and AFAICT, secure.

this post was submitted on 14 Jul 2024
40 points (95.5% liked)

Privacy

31995 readers
942 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS