28
How do you handle your passwords? (beehaw.org)
submitted 7 months ago by Dymonika@beehaw.org to c/opensource@lemmy.ml
64 comments fedilink hide all child comments

I rely on Bitwarden (slooowly migrating from... a spreadsheet...) and am thinking of keeping a master backup to be SyncThing-synchronized across all my devices, but I'm not sure of how to secure the SyncThing-synchronized files' local access if any one of my Windows or Android units got stolen and somehow cracked into or something. I'm curious about how others handle theirs. Thanks in advance for sharing!

(page 2) 15 comments
sorted by: hot top controversial new old
[-] powermaker450@discuss.tchncs.de 1 points 6 months ago

I've set up Vaultwarden as I used Bitwarden before that and it made switching very easy. Doesn't get easier than that, synced passwords across all your devices/browsers.

[-] Manalith@midwest.social 1 points 7 months ago

I was using Bitwarden up until I moved my email service to Proton. Now, I just use all their things, but I didn't have any issues with Bitwarden personal. I do have some issues with their organization accounts though.

[-] Dymonika@beehaw.org 1 points 7 months ago* (last edited 7 months ago)

I do have some issues with their organization accounts though.

Like what? And is Proton Pass open-source?

load more comments (1 replies)
[-] ChallengeApathy@infosec.pub 1 points 7 months ago

Proton Pass. If you're comfortable with cloud E2EE managers, it's far more worth it than Bitwarden, since you get unlimited email aliases. Better for privacy and even security. Plus, I trust Proton, they have a phenomenal track record in terms of security and encryption.

[-] Dymonika@beehaw.org 1 points 7 months ago

they have a phenomenal track record in terms of security

I read that they have bowed to email subpoenas in the past.

[-] ChallengeApathy@infosec.pub 1 points 7 months ago

Every company would. They're not going to go out of business over one customer. What's important is that they weren't able to give any important information.

[-] CCRhode@lemmy.ml 0 points 7 months ago

I'm agnostic about password managers, and I'm agnostic about sync'ing password repositories between devices. I believe there would be grave risks of losing access to my own repositories by misplacing their pass-phrases or bungling other kinds of authentication. I try not to put anything on portable devices that is super confidential. On the other hand, I restrict physical access to my desktop computer. I back it up continually, power it from an uninterruptible power supply, and run only a handful of server-side processes there. ... so I feel safe ... sort of.

I suppose it may seem heretical to members of this community, but I put all my passwords in a plain-text *.csv file on my desktop machine that I maintain with my own python script.

[-] fafff@lemmy.ml -1 points 7 months ago

passwords.txt on a full-disk encryption HDD.

[-] Dymonika@beehaw.org 1 points 7 months ago

What if the HDD catches on fire or the room gets flooded while you're not home?

[-] fafff@lemmy.ml 1 points 7 months ago

I backup stuff both on a MicroSD and on web storage with duplicity. Hopefully that is enough!

[-] Dymonika@beehaw.org 1 points 5 months ago

web storage

Google Drive?

load more comments (1 replies)
load more comments
view more: ‹ prev next ›
this post was submitted on 22 Apr 2024
28 points (100.0% liked)

Open Source

31358 readers
196 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml