Comment on Password managers are less secure than promised
victorz@lemmy.world 5 days agoThis feels a bit extreme though. Can you even trust anything online at that point? Do you also never leave your home carrying your wallet in case someone might rob you?
unexposedhazard@discuss.tchncs.de 5 days ago
Bro i have my bank details, all my private 2FA, work 2FA, health insurance access, my families master passwords, steam access, and more in there. Its literally the most important piece of software that can exist in this day and age. No im not taking chances with that. The only thing you can do with my physical wallet if you rob me is buy something up to 20€ beyond which you need the cards pin. Everything else i can just deactivate by calling the relevant parties.
victorz@lemmy.world 5 days ago
I assume you follow proper backup protocol of you are using offline password management.
How do you sync though? You keep one copy on your phone or something, I imagine? What apps and managers are you using?
unexposedhazard@discuss.tchncs.de 5 days ago
KeepassXC is the goat :)
The database file is encrypted so its fine to sync it however you like. I use syncthing for it. Obviously set a very good password on it if you sync it through unsecure channels.
victorz@lemmy.world 5 days ago
I had a look at this, and the only thing that intrigued be about KeePass was the ChaCha20 encryption which seems modern and nice.
I usually use
rbwwhich doesn’t use a web page to interact with BitWarden. It stores a local copy of the database, so the only time it contacts the servers is when adding new info or syncing or otherwise changing stuff.I’ll look more into KeePassXC and KeePassDX for mobile. Might be interesting, but the annoying part would be the syncing. You’d have to pay close attention to where you add new entries, and not add entries on separate devices if you want them synced to all devices. Or does that work somehow with KeePassXC?