Password Managers

Seahorse

My head

Master password. Passwords aren't actually stored on a data base they are generated each time using your name, a master password and the site the pass is for.

>And the encryption will be cracked in the next decade or maybe even in a few years
No it won't.

keepassx

Keepass with its file in google's botnet.

>"NASA, Google and everyone else will be able to access your database"
>implying they don't already
lol

If the encryption is cracked, what stops them from hacking all your passwords already?

They also have to break into my computer and figure out my keyfile. No way I store those online.

you seriously think it's difficult to figure out someone's key file?

I'm sure it's not. Currently I keep both the kdbx and keyfile offline. Keeping my kdbx and keyfile offline is my only real security.

How secure is it to upload the kdbx and only share the keyfile through local means like a flashdrive?

KeepASSxc and keepass2android

>What password manager does Jow Forums use?
Folder of pictures.
Each picture has a unique hash value, that hash value is a password

passwordstore

figuring out someone's key file is the easiest thing to do, unless you keep around 1 million files on every device

super old version of 1password on windows, keepassx on linux

It doesn't matter because all the sites that store your password are getting breached anyway.

Attached: New Text Document.png (180x180, 12K)

Are you guys seriously keeping the keyfile on the same device as your database, just hoping someone won't be lazy enough to try and find the file? If it's a government you're worried about, they have all the time in the world.

The whole point of a key file is that you keep it somewhere else. It's supposed to be a second factor. Literally anything other than the same machine as the database like a flash drive.

Encrypt the flash drive too if you want. Store a spare in a secret place.

For people who care about security, you sure don't do the easy stuff well.

>encryption will be cracked
If that happens most things wpuld be fucked not just the password to your loli porn folder

This
It's not like they don't already see everything you're doing. people who freak out about privacy on Microsoft, when using Google and YouTube daily, it's so stupid, go full out, or don't bother.

A brain.

You gotta be on a different level of autism if you can store 20 different random ass passwords and remember which one goes to which account. Nb4 you use one master password like a retard.

What about making up one very hard password, memorizing it and using it to encrypt a password database that you keep on any device? Because I trust that more than a flash drive.

I don't think you understand what a key file is. A key file is used to open the damn database, you fool.

Why, what's wrong with one master password? What's a better alternative?

autism has nothing to do with memories, you fucking retard

I know what a keyfile is, you fucktard. I have one on a flash drive that I use to decrypt my database on my machine, in addition to the passphrase.

>letting your thumb drive overheat
>being so delusional that you actually believe nobody can figure out which file is the keyfile

Attached: 1517227418850.png (403x448, 53K)

>letting your thumb drive overheat
Keep more than one. This has never happened to me because I buy decent drives anyway.
>being so delusional that you actually believe nobody can figure out which file is the keyfile
This is the exact opposite of what I said above. Can you read?

...

There is no other method that is quite as secure, reliable and efficient as literally just writing them down somewhere. Keep a backup too.

> This has never happened to me
Then you are full of shit because USB drives are small and will generate heat. It is physics.

As long as they just access it and don't fuck anything up, I'm okay with that.

I'm not worried someone will have access to my PC, I'm worried some pajeet website will fuck up and give clear text passwords to a criminal.

As long as my passwords are unique for each website, I am fine.

When did we start saying UX instead of UI or GUI

Since it didn't mean the same thing. They are two separate things, although the UX does include the UI.

what the fuck is a UX then

1password

some new age hipster bullshit word for UI

I use Keepass. The usability is not the best, but it's the only one I trust.

But password managers don't access the internet.

If you're that worried, then just store your login information in an encrypted text file. It's basically what a login manager is.

I used to do this back in 2008

it's actually not terrible provided you encrypt it with pgp

>all have terrible UX
Just copy and paste your shit (Cmd+B for username, Cmd+C for password). Worked for me with an ancient version KeePassX on Leopard.

the ones i saw before i settled on keepass are online managers that sync and can be used across devices. no thanks

want to do this eventually but for now just have my file on an external drive that i carry around

anyone keeping the keyfile and encrypted file in the same drive doesnt understand the point of a keyfile. but i dont use those, just a long password thats easy for me to remember

>Why, what's wrong with one master password? What's a better alternative?

Attached: 1512369692936.jpg (1200x1000, 174K)

not him but I've always used a single master password on my password database, it's a 20 character password with a-z A-Z 0-9 and specials

yeah i dont get the issue either. my master password isnt keeping some illegal shit from access of the government. and i dont put my db online either, no need for tons of safety features along the masterpass.

i may try hosting my own server where i can keep this db or just throwing it on a google drive. then ill add keyfiles etc just in case

Nothing personnel.

Attached: onlykey.jpg (1500x1125, 243K)

lastpass. its easy and it works on my phone

I sync my db with google drive and manually place the keyfile on devices that need it

Having by DB alone is like a door without the key, and now there's double entropy since they wouldn't know if there's a keyfile

User experience. It comprises all your interaction with the product, from interface to user service.

The second you use that password for a site that has its data leaked, that master password is capable of fucking over all of your accounts, and you better know every account you own and change them now before damage happens.
NCIX had all of its user data breached a few weeks ago, and affected pretty much every customer who had an account there, and the same goes for a lot of sites, Adobe had a breach a while ago too, even Facebook had an exploit recently thats making it face a billion dollar fine in the EU. And I swear if you sign up for some really small site, you better fucking hope their shit is secure and you should never ever trust them with that master password.
Tbh how are you guys even on Jow Forums without knowing this shit. Nb4 fell for bait.

outta your depth dude, just shut up and stop spreading FUD

>using your master password as the password on a website
why would I do this? I generate new passwords from inside keepass for websites
I have never typed my master pass into anything besides my password manager
whats the risk?

If you follow the reply chain, the original point was just using a master password for everything.

oh masterpassword as in just one password for all websites? i thought we were talking about just one master password for the database and no other security measures.

read my post i think this is what they mean

Only idiot winfags need password managers, if you can't remember your passwords then you shouldn't have any.
I have 3 different passwords that I use variations of using added numbers, letters, or punctuation, easy to remember.

ok, obviously using the same password for every account you have is pants on head retardation
are there any security flaws in my setup though

Actually I should stop memeing. This is literally the only hardware key on the market with all the futures you would ever want in a hardware key and it's only $50. If you think I'm joking just look at the website. Highly recommended.

onlykey.io/pages/features

Upload your password database. Do it faggot. I fucking dare you.

You need to shut the fuck up, not me.

I use a password manager and therefore have about 150 unique passwords.

>only 3 passwords
What are you like 15 or something?

>he doesn't keep his passwords on a computer that's never touched the internet and never will
enjoy having your passwords stolen by the NASA, winfags

>The second you use that password for a site that has its data leaked
And why would I do that? What are you even talking about?
>And I swear if you sign up for some really small site, you better fucking hope their shit is secure and you should never ever trust them with that master password.
Again, why would I put my master password on any website?
>Tbh how are you guys even on Jow Forums without knowing this shit. Nb4 fell for bait.
I think you're just reading shit no one said.

i didn't read your post, newfag

please learn to structure it properly or no one will read it

No, with the variations I use for each it's alot more.
You mean NSA moron.

>pass1word!gmail
>pass1word!github
>pass1word!reddit
yep

No it wasn't. Nowhere was that explained. Stuff like Firefox sync literally uses the term "master password" to mean a password that encrypts your password database (there's an intermediate step, but it doesn't matter).

I don't care what you read, you still have no idea what a master password is.

LOL far from it you pleb.

>says an increasingly nervous user

Kek'd

this is actually a decently strong scheme to go with if you aren't going to use a password manager
obviously pick something better than pass1word! though

It's still pretty weak unless you use some very unpredictable variations (i.e. not just replacing e with 3 and shit like that), but then you can't remember it.

an obvious tip if anyone hasn't thought about it

if you're concerned about your password manager getting attacked just combine a weak password (you remember) with a strong password (from your pw manager)

Bitwarden and Standard Notes
They both just werk

They do generate heat. But so does every other part of a computer and those don't melt down like you're suggesting a flash drive does.

>those don't melt down
it's almost as if they have actual fucking air flow with cooling components to get rid of the heat, you literal retard

are you using a flash drive as your swap?

Looks cool. I may purchase one. Thanks user.

Pass
Password store
* built around the unix philosophy of doing one thing well

Do you pay for it?

Keeweb on pc + tusk for keepass on chrome + keepass2android

Since I dont trust anyone for good reason. I go with excel file that is password protected that is 7zipped encrypted on the USB attached to my keychain with a backup on my home USB backup & microsd card in my trunk. I use boring names like "2017 air duct cleaning quote".

My file cabinet on my desk organized with dividers.

this

>generally terrible
true. kpcli or keepmenu are the way to go. Using keepmenu now.

This.
>basically what a login manager is
apart from pass and keepass, most of these are "store your passwords with us, we will copy it to all your devices and sync it!" Keepass is just an encrypted file. Pass is the same.

ufile.io/4vr9r

this