Thoughts about online Password managers?

Thoughts about online Password managers?

Attached: 6d4e2e5eba2d4940ac4bf47980914527.jpg?h=1079&w=1454&la=en&hash=7950BAF577FB5299F2DD7B66B6 (1454x1079, 88K)

We have to use last pass at work. We switched from keypass on network drives. I hate it so damn much.

terrible idea

>Thoughts about online Password managers?
Approved if FOSS.

Bad

>password manager site shuts down
>lose access to all you online accounts
Sounds convenient

I use this fantastic password manager that is fully 100% unhackable and secure, it's called a fucking brain. What absolute brainlet trusts a fucking website with his most secure authorisation information lmfao.

Is this "brain" open source? And if so, is there a way to install Gentoo?

I use it for most of my accounts, great for security to generate complex passwords to different sites, but you should use a pass phrase to secure your last pass account and then use pass phrase and not save it to your last pass on really important accounts (that you should have actually one or two, if you have more consider minimizing your internet footprint)

Do act smart not a retad

>Password manager site is hacked
>All the stored passwords nicely categorized and freely available
>Not even hashed or salted or whatever cryptonigger gobbledegook

Any reason?

They are stored encrypted

Except it's not?

Why so if it's FOSS and you store the database locally?

Says who?

Can you verify it yourself?

No you cant

>He believes what he is told even though he cannot verify it for himself

You are fucking stupid if you trust a list of passwords to anyone but your own memory.

LastPass did get hacked (twice, IIRC) and no passwords were obtained because they actually secure their (and your) shit.

Someone somewhere is now sitting on a big pile of encrypted password containers just waiting for AES or whatever to be cracked.

Pen and paper works better

Just self host your password manager

Super duper botnet

kills the hackers jobs on cia, fib, nsa....

Websites are inherently insecure and are not permanent.

Lastpass works offline

Where do I get "brain"?

>change all the passwords on all your accounts
Wow, problem solved. And you just made all your shit way more secure.

depends on your threat model. also not true.

Truecrypt 7.1a container with *.txt master race

It scores very high in certain regards but falls short in others

>online Password managers
yikes...

Against.

Why not use this physical password manager?

Attached: 71niFpn7JwL._SL1080_.jpg (1080x661, 100K)

Yeah, so rather than paying 3 dollars a month for a team of experts to manage your shit full time, you'll pay 2.50 a month so that you can become the lead developer, system administrator, and security consultant for your passwords in your spare time. Great work, dipshit.

Just use KeepassXC and save your database on a Google Drive or something.

>Thoughts about insecure Password managers?
lol

A them problem becomes a you problem what a cuck succumb to that

this is for retards.

I just save all my passwords in .txt on my desktop

plz see

I just shove dem in a database I host on my local network.

>they solve tons of your problems
>one problem happens that's easily solved
>"Oh no, I had one problem with them! That means it was all for naught!"

>128-bit secret key
They're going to be waiting a while. Plenty of time for me to change those passwords.

i'm using Keepass with syncthing to synchronize the database across devices, Kee addon on the browser and Keepass2Android on my phone

I want to switch to KeepassXC mostly because i would like to use it with native GUI on my kubuntu box. Are KeepassXC files compatible with keepass? are there any other advantage (asides from the GUI) of using keepassxc over keepass?

>overcomplicating things
You could just as well use en encrypted zip archive you know...

I wish Keepass* tools were more better. 1Password is so polished.

>Overcomplicating a right click
>Zip
Yeah okay

Attached: Mount_.png (287x403, 52K)

They encrypt it in javascript client side

just encrypt you database with a keyfile,and sync it.
are you stupid?

>You are fucking stupid if you trust a list of passwords to anyone but your own memory.

>not having hundreds and hundreds of passwords to manage

lightweight detetced

Staying away from online. Using keepass database in a veracrypt volume on a usb. It's handy because I can keep ssh keys in there too. My ssh configs point to these keys but they're not available until the volume is mounted. The convenience of a key based logins without having a bunch of keys sitting in the open if your machine purloined.

>this entire thread
Holy fuck. Its real simple.
Do you trust your passwords in the cloud?
>yes
Bitwarden
>no
KeepassXC

>KeepassXC
This is the right answer.

Attached: yes.jpg (361x363, 8K)

It comes down to preference but most people are just gonna put their keepass file on google drive or some shit.
For that reason i advise just using bitwarden. It makes syncing easy and is FOSS.

t. guy who uses 3 passwords for everything

larger attack surface than a local native application working on a local file but better than nothing. I don't like lastpass because it's slow and runs in the browser but I'd be down for a 2fa enabled security audited native password manager that stores shit ~in the cloud~

Just use literally any non-cloud password manager and rsync it to a server. Why would you think "host it yourself" would mean "write your own solution from scratch"?

You can guarantee you won't give up your passwords under duress?

is there a difference between KeePass2 and KeepassXC besides the platform theyre available on

>t. Guy who uses the passwords
Actually all of them are unique and memorial. Not that hard to come up with them, brainlet

torture doesnt work like that.
if you torture someone long enough they tell you whatever you wanna hear and not necessarily the truth. trust me i have experience in these things.

>online Password managers
>a team of experts
m8, experts know managing passwords through a web browser, even if offline, and even if they don't really keep passwords or ANY data in their servers, it's still a bad idea

I just keep all my passwords on a USB stick and only access it when I need a specific password out of the 30 I have.

Your brain is vulnerable to the new hack called forgetting, faggot. Try to memorize this (@*#)(@)!iwepLLS0!)@9388)()!)?1)!)@!)@``'""]][}}[[][][":"//??>?/.:)@(DK as your password