28
submitted 1 year ago by Dymonika@beehaw.org to c/opensource@lemmy.ml

I rely on Bitwarden (slooowly migrating from... a spreadsheet...) and am thinking of keeping a master backup to be SyncThing-synchronized across all my devices, but I'm not sure of how to secure the SyncThing-synchronized files' local access if any one of my Windows or Android units got stolen and somehow cracked into or something. I'm curious about how others handle theirs. Thanks in advance for sharing!

(page 2) 16 comments
sorted by: hot top controversial new old
[-] powermaker450@discuss.tchncs.de 1 points 1 year ago

I've set up Vaultwarden as I used Bitwarden before that and it made switching very easy. Doesn't get easier than that, synced passwords across all your devices/browsers.

[-] Manalith@midwest.social 1 points 1 year ago

I was using Bitwarden up until I moved my email service to Proton. Now, I just use all their things, but I didn't have any issues with Bitwarden personal. I do have some issues with their organization accounts though.

[-] Dymonika@beehaw.org 1 points 1 year ago* (last edited 1 year ago)

I do have some issues with their organization accounts though.

Like what? And is Proton Pass open-source?

[-] Manalith@midwest.social 1 points 1 year ago

Just management things, they don't do nested permissions, removed the ability to have groups auto added to collections and the desktop app has been broken for creating new entries in an organization because it can't for some reason it can't see collections, but that's something that broke in an update and they just haven't fixed for a few versions.

[-] ChallengeApathy@infosec.pub 1 points 1 year ago

Proton Pass. If you're comfortable with cloud E2EE managers, it's far more worth it than Bitwarden, since you get unlimited email aliases. Better for privacy and even security. Plus, I trust Proton, they have a phenomenal track record in terms of security and encryption.

[-] Dymonika@beehaw.org 1 points 1 year ago

they have a phenomenal track record in terms of security

I read that they have bowed to email subpoenas in the past.

load more comments (1 replies)
[-] kevincox@lemmy.ml 1 points 1 year ago

I mostly just use Firefox Sync. For critical passwords or non-web passwords and other small keys I store them in pass.

[-] CCRhode@lemmy.ml 0 points 1 year ago

I'm agnostic about password managers, and I'm agnostic about sync'ing password repositories between devices. I believe there would be grave risks of losing access to my own repositories by misplacing their pass-phrases or bungling other kinds of authentication. I try not to put anything on portable devices that is super confidential. On the other hand, I restrict physical access to my desktop computer. I back it up continually, power it from an uninterruptible power supply, and run only a handful of server-side processes there. ... so I feel safe ... sort of.

I suppose it may seem heretical to members of this community, but I put all my passwords in a plain-text *.csv file on my desktop machine that I maintain with my own python script.

[-] fafff@lemmy.ml -1 points 1 year ago

passwords.txt on a full-disk encryption HDD.

[-] Dymonika@beehaw.org 1 points 1 year ago

What if the HDD catches on fire or the room gets flooded while you're not home?

[-] fafff@lemmy.ml 1 points 1 year ago

I backup stuff both on a MicroSD and on web storage with duplicity. Hopefully that is enough!

[-] Dymonika@beehaw.org 1 points 1 year ago
load more comments (1 replies)
load more comments
view more: ‹ prev next ›
this post was submitted on 22 Apr 2024
28 points (100.0% liked)

Open Source

38676 readers
146 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS