What password manager do you use, Jow Forums?

Pass for Linux, passwordstore for Android.

Attached: Screenshot_20190201-124543.png (1080x1920, 51K)

neurons

down syndrome?

Firefox with master password with a password protected excel workbook as backup.

1Password.

Why would I put all my passwords in one place, in software I know nothing about?

So you only need to remember one super long and convoluted password to access your other less long and convoluted passwords

Most good password managers are typically open source and audited, but if you are paranoid, you can research them beforehand

Best setup right here, seconding this

Chuclechucc

Attached: maxresdefault.jpg (1280x720, 47K)

keepass

Attached: 300px-KeePass_icon.svg.png (300x300, 23K)

keep ASS xc

keepassxc

notepad.

Should i migrate from lastpass to bitwarden?

but does this automatically insert passwords for you or is it just a place to write them down in case you forget them?

my brain because im not retarded

vanilla keepass on windows, keepass2android for my phone.
db synced with google drive.

Why everyone hate lastpass?

>but does this automatically insert passwords for you
It copies password to the clipboard for a limited amount of time.
There are browser plugins to fill everything automatically.

only retards use online password managers

And the rest of password mangers don't?

Bitwarden.

Notepad

Keepass2 on Windows, keepass2android on phone.

I write them in text files on my pc

Nope, KeePass is an offline encrypted database file

Absolute brainlets.

i keep the passwords in d: drive.

Why would i use this bloat when i can just put it in an encrypted text file

KeePass

Arn't password managers botnet/spyware

>2019.833
>Not having an encrypted tab on you're clipboard manager.

Attached: copyq.png (128x128, 10K)

>putting your passwords in “reliable” apps
>not writing everything on paper

Might as well email me your passwords, anons

I can email them to you but it's gonna take you longer than the expected age of the universe for you to crack 1.

pastebin

What does Jow Forums think of lesspass? Idea seems solid.
lesspass.com

>having to actually type out complicated passwords
assuming you are logging out everywhere after ending the session. if you aren't, then writing it on paper isn't much more secure.

>have access to machine
>have access to session
>configure victims machine as vpn
>log into every conceivable service with those sessions

Same as I recently switched to zx2c4 pass, pretty happy with it so far. passwordstore.org

Still have to insert passwords in the correct format from a few browsers and stuff, though.

Passwordstore can use Android's autofill on chromium on Android.

But in general, you'll be using a browser extension or other piece of software, the "pass" CLI can't monitor applications under Xorg or Wayland or whatever else you're using.
See passwordstore.org/#other and passwordstore.org/#extensions

Use one of the open sauce ones, and feel free to sandbox it a bit.

Too paranoid to tell.

seconded, plus a few plugins to sync my database through SFTP

For me is KeePassXC, it literally just works.

Last pass, if your posting on here Google already has a bunch of info on you, the only way for real privacy is to live in a cabin offline

Attached: Jones-Prepper-Pictures.jpg (1366x768, 184K)

>if your posting on here Google already has a bunch of info on you
what makes you think that?

Does it have "correct" information on you, though?

Also, are you really sure that it makes sense to say:
> Google knows me a bit, it now doesn't matter that it has easy insight into ALL my passworded secrets?

I myself find that rather weird. Why wouldn't you try to keep as much information as possible away from the potentially most threatening parties that you have no particular reason to trust to begin with?

Mock me all you want, but i use google's smart pass.

Attached: 1f4ae.png (128x128, 5K)

>giving shekels to chink moot
yikes

pic related, no reason to settle for anything worse

Whats best way to export all passwords from FF?

Yes

I used LastPass for years (I know, I know), and to my amazement I've actually found Bitwarden to be a lot more polished.

It just work, and it's open source I use it on Windows and Android :)

iCloud Keychain. Did not understand why someone can need something else.

Go drink some bleach, shit for brains.

I'm using the Password Exporter addon in FF28, but that doesn't work in FF57+.

Newer versions of FF will have to use one of these.

github.com/kspearrin/ff-password-exporter
github.com/lclevy/firepwd

I have developed and memorized an algorithm, which creates all my passwords + an 16 digit random password which I have memorized. I am not gonna give any hints on what the algorithm is based because I am a paranoid schizo.

But a crude example would be, based on the date which the password was created, go to a particular book passage, and based on the book passage create a password using a specific method based on the score of my favorite team for that week. (This is not the algorithm obviously it is way more complex. Just a very basic idea. I don't even use the date or sports teams)

These two combined are my various passwords.

I don't use one
But all my passwords are offensive to some group of people, so I'm safe from cukcs hacking my shit. Unless he's ready to type nigger.

Not a bad idea, honestly

Holy shit

KeepassXC on Linux of course. And Keepass2Android on Android

but then you need access to the book + a bunch of time to compute the password
at that point you might as well use a key derivation function

literal mental gymastics

>set up password manager
>make ONE good and secure password to memorize/mental gymnastics
>2fa if available/want to
>password manager makes autistic passwords and you don't lift a finger

KeepassXC

I'm waiting for keep ass xD

KEK

Why would I ever trust a password manager. Lmao. Trusting your passwords to a foreign entity is retarded as fuck.
Nobody knows my passwords except me. The method exists only in my head.

I would never trust a piece of software.

>password manager

Attached: Newfag+_63c0a6ca11419ab19ae2d3ec9db7ff10.jpg (2500x2500, 565K)

>using a password manager in current year
Just write them down and send a copy to the NSA and another to the Mossad, it's easier that way.

absolutely destroyed

>Trusting your passwords to a foreign entity
>The method exists only in my head.
>trusting yourself
Literally doomed from the start.

This but unironically.
No chance.

Using software that hasn't been updated for over three years to store your passwords. Yeaaah right...

Better use KeepassXC.
It's a community fork , is fully compatible to both Keepass2 and KeepassX and it is actively developed.

Until you lose that shit.

I would at least have a universal, 16-letter password to enter before/after whatever is in the logbook.

Plus, good luck entering a 100-letter passphrase.

That's called security by obscurity and is total bullshit.
If someone finds out your "secret algorithm" and is then able to recreate all your passwords it is worth nothing.
Algorithms are only secure if you can make them public.

>"Trusting your passwords to a foreign entity is retarded as fuck."
Just don't use one of those crappy online services.
Use an offline open source program like KeepassXC. Your password database will never see the Internet if you don't want it to and since it's open source you can audit the code yourself if you're that paranoid.

>Why would I ever trust a password manager
What do you mean?
Pass just literally manages encrypted text files with passwords on your device and tracks changes with git.

If you don't trust it, you don't trust your machine and can't use passwords on it in the first place.

Jesus christ

I kidnap a nigger and force it to remember my passwords, much cheaper than a password manager

Attached: Smart.jpg (600x481, 44K)

I'm not saying to trust a password manager. You can do it on a default python install from the shell.
I mean, if you don't trust computers at all, then what are you using to store the plaintext? Are you storing everything with paper and pen? If so then you might be safe against non-state actors, but they probably would be able to crack your cipher if they tried unless you are doing AES encryption in your head (which you're not).

>OLD = BAD

Attached: 1539295210646.jpg (689x795, 74K)

considering that this is a single point of failure for all your passwords it is probably under heavy pentesitng pentesting all the time.
and a tool that hasn't seen an update since 2016 is probably full of security flaws by now.
So yes in this case old = bad and I wouldn't use that any longer.

No, it's not any more insecure than any other password manager. In fact, it might be even more secure, since the code has been scrutinized for a longer time so you can be more certain that no crucial flaw has been introduced than with a password manager that's updated all the time.
Not to mention that there really aren't any attack vectors other than regular OS level attacks such as hijacking the UI or reading data from memory. It's just an utility that reads data from a file and decodes it according to a password, there aren't any plausible remote exploits, at most you could get a local exploit by malformed password databases but then again that's just as likely for any other password manager that's written in C or C++.

I like it. When I bother to set up syncthing I'll probably export my database to keepass x whatever and then use that.

That one.
And keepass DX on Android.

>Might as well email me your passwords, anons
If you post your real email I'll unironically send you my real database. It literally contains every single account/password I have, including many private trackers with great ratios and banking details. Feel free to destroy my life if you manage to crack it.
I'll even give you a hint, my master password is just a huge ass passphrase. Normal, English phrase, just really long. No bells and whistles.

>Using other password managers
Tell me you think these companies that manage all your valuable passwords are hack-proof and they never gonna get hacked and leak all your shit all together.

Thing is if you want a password manager you make your own in python and have it non connected on the internet. im building my own as we speak

Lastpass has had two database leaks with no plaintext password leaks.
That likely means they're only storing the passwords in an encrypted way.
I'm not saying it's as secure as a local manager, but it's still quite safe.

Keepassxc don't manage anything. You store your own encrypted database in your own computer. How it will be leaked online?

My head. I reset passwords on occasion.

>these companies
What companies?