Keepass/etc General Thread

What's your method for creating a strong master password for pic related?

Passwords and Password Manager General, I guess.


use pass instead

It's a poem. No one is gonna guess that shit.


I do something like this.
It's the chorus of a music I like, with numbers and some symbols added.

Why pass instead of keepass beyond muh cli?

concatenate words

my password for everything is "password"
never been hacked

next level: concatenate words in different languages

i'm gonna hack your Jow Forums account now

I've been using Keepass for the past 7 years and since then I've never had to worry about data leaks, figuring out a good password or forgetting a password. It's great.

I keep my master password in a second Keepass database that only I know about.

Some sites are tricky and won't tell you the length or the permitted characters, double check everything.

DON'T use pass, it leaves exposed the sites you are in the filesystem. Use kpcli instead, it uses the keepass database from the command line.

>entering passwords that were ""encrypted"" on the same device
YIKES

* it's free (GPLv2) and open source.
* it doesn't do syncing, so you can use whatever method works for you (git repositories, email, self-hosted cloud, etc)
* it doesn't do encryption, it uses gpg2, so the encryption code has been extensively audited, ported to many platforms and updated to support many algorithms including elliptic curve cryptography.
* it doesn't get in the way.

make up something long and complex and memorize it. it's the only thing i have to memorize, so not really a problem.

>DON'T use pass, it leaves exposed the sites you are in the filesystem.
1. your file system should be encrypted
2. your permissions system should deal with not allowing other users (read rogue processes) to see your file names

just use it right and it's the best tool for the job.
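
The permissions point in the reply above, as an added example that is not part of the thread or of pass itself: a POSIX shell check that lists store entries whose mode bits give group or other any access, then tightens them. The function names and the sample store are constructed for illustration; a real store normally lives at `${PASSWORD_STORE_DIR:-$HOME/.password-store}`.

```shell
#!/bin/sh
# Added example: audit a pass-style store for loose permissions.
# Entry file names are site names, so a listable directory leaks them
# even though the .gpg contents stay encrypted.

# loose_entries DIR: print every file or directory under DIR (DIR included)
# that has any group/other permission bit set. POSIX find tests only.
loose_entries() {
    find "$1" \( -perm -040 -o -perm -020 -o -perm -010 \
              -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# count_loose DIR: number of loose entries found.
count_loose() {
    loose_entries "$1" | wc -l | tr -d ' '
}

# tighten DIR: drop all group/other bits (what a umask of 077 would give).
tighten() {
    chmod -R go-rwx "$1"
}

# make_sample_store: build a constructed store with one directory and one
# entry left too open; prints the store path.
make_sample_store() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/store/email" "$d/store/bank"
    : > "$d/store/email/example.org.gpg"
    : > "$d/store/bank/example.com.gpg"
    chmod 700 "$d/store" "$d/store/email"
    chmod 600 "$d/store/email/example.org.gpg"
    chmod 755 "$d/store/bank"                  # site names listable by anyone
    chmod 644 "$d/store/bank/example.com.gpg"  # ciphertext readable by anyone
    printf '%s\n' "$d/store"
}

store=$(make_sample_store)
echo "loose before: $(count_loose "$store")"
loose_entries "$store"
tighten "$store"
echo "loose after: $(count_loose "$store")"
rm -rf "$(dirname "$store")"
```

This only inspects mode bits; it says nothing about disk encryption or about processes running as the same user.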

Isn't pass dependent on zsh? That is a non-standard shell.

no. pass is a single bash script. it has completion scripts for bash, zsh and fish.

Sorry, now I remember, it is the tomb plugin; when I wanted to install it, it carried a lot of unwanted dependencies. Otherwise I would use pass, but it needs a better folder encryption method.

is using the original keepass safe?
i want to switch to keepassx but i don't want to install the dropbox app on my pc to sync with other devices

I vaguely remember the keepassx database to be the safer alternative. It's the main reason I switched to it. Can't remember which format it uses by default, but I think it's the original format.

Is there a plugin for Firefox that will autofill passwords and also save created accounts/modified passwords? It seemed like none of the keepass* plugins were able to do that or had little configurability. I don't want to open up my database and manually enter the urls and shit each time I change something.
Still using LastPass because >muh convenience

Kee addon for firefox and chrome is pretty good, you have to install the keepassRPC plugin

Just open keepassx and use autocomplete, it fills out for you.

KeePassX or KeePassXC ?

It is, the problem it had for a short while was the update mechanism switching to unencrypted HTTP to get dem advertising sheckels, iirc the author eventually did the sane thing and switched back to HTTPS