Password Manager

Does Jow Forums use a Password Manager for every account?
Is it a good practice to only use random passwords generated by a password manager?

Attached: pm.png (1144x844, 58K)

Other urls found in this thread:

lastpass.com/support.php?cmd=showfaq&id=6926
passwordstore.org/
twitter.com/NSFWRedditImage

keepass

Keepass XC works on all platforms
For me i don't use any password manger, i just remember them,good memory

Yes, but it's getting increasingly frustrating when you try to work with mobiles.

I bought a drone recently, signed up to dji.com with a password manager password. Then somehow I'm meant to sign into the app on my mobile with this fucking thing.
Lastpass lets you logon to websites using the app but in this case I'm down to pasting it into notepad.exe and typing it. Which would be fine if it was all lower case or whatever but fuck.

Bitwarden is the correct answer. The mobile apps are great too.

Keepassxc
When I need a password on my phone I generate a qr code and scan with the phone

>phones

Attached: 1551297340252.jpg (618x619, 59K)

>still using phones
Enjoy your botnet and being tracked like a tagged animal just so you can send random loltxts to your supposed "friends" who you'll lose touch with and never hear from in the next ten years, kids.

Do you guys even get a signal in mom's basement?

Attached: 1551023558419.jpg (250x219, 14K)

>animetard lives in a mom's basement
Why am I not surprised?

Keepassxc.
I generate a unique pass for every single account I sign up for.

The only account passwords I know by memory is my main gmail & bank account. My keepass database is backed up weekly to my google drive encrypted, so in the event my apartment explodes, I can always get all my credentials back by logging into my gmail.

Your screenshot genuinely concerns me.

Surely lastpass has measures in place that prevent them from being able to have access to your accounts right? if lastpass were to become compromised, what would that mean for the end user?

Self-hosted Bitwarden

Keepass + some cloud service if you're a boomer

Depends how their system works. We can assume they store encrypted content.
The encryption and decryption would have to be done client side to be somewhat safe.

Here are some answers: lastpass.com/support.php?cmd=showfaq&id=6926

Why keepassxc over keepass 2?

Enjoy killing yourself after your parents die and you're incapable and unwilling to get a job. Also, what are custom ROMs and microG?

Password Manager is my fuckin head, nigger.

What's the best practise for keepassXC

write in master password and copy-pasta password into login field, autofill, or something else?

having passwords outside brain is a security risk, fthat.

You should avoid copy&pasting. Use the autofill (CTRL+V) option.

Not Android

>No Password Manager
Trust the browser.
>Password Manager
Trust the browser and the Password Manager.

Best option is encrypted text file.

Anyone who replied "my head" in this thread is a legitimate double digit IQ mouthbreather who uses the same password in every single place.

imagine being this retarded

>have one master password
>put name of website after it

brilliant

Attached: 1495141153187.jpg (617x932, 76K)

I use keepass to generate my passwords then printa couple copies. One in the safe in my house. One in my wallet and a backup in a safety deposit box ( I do my banking while I'm there for extra efficiency). I create the password database on a offline computer, encrypt it, and make a couple more backups.
I do this every six months or if I know I've been compromised ( wallet stolen, house robbed, etc). Takes about 20 minutes (not including the back where I do my banking anyway).

Staying secure is literally the easiest thing lmao 20 minutes

just assume everything is compromised and use 2FA you dickhead

look up your mail on pwned and you'll see everyone and their dog has all your passwords

Attached: f20c4b10.jpg (599x450, 45K)

keepassx2, can someone redpill me on other forks? I only use it on my computers and don't need synchronization because rsync over ssh exists.

Not every platform has 2fa. And haveibeenpwned is an example of why you should
1. Have different passwords for everything and
2. Change your passwords on at least a semi regular schedule
Companies are retards with your security but you don't have to. Try your best to midigate.

that is the most retarded thing I've ever heard

>You should avoid copy&pasting
Why? (I'm a tech babby pls be gentle)

Attached: 1549388185856.png (658x866, 276K)

KeepAss DX for Android

And you're a legitimate retard who's way too dumb to remember simple passwords related to private things, lmfao.
Kill yourself my dude, you're unironically wasting space here.

I know there's password managers that make use of the keepass database format, but I what I meant is that KeepassXC isn't available on Android. You'll have to use something different.
Btw, how is DX compared to Keepass2Droid?

>lmfao
>my dude
Don't ever post on this board again.

do this but hash the result and only then is it a feasible option

>entrusting anything vital to software

Have, yeah. enigma worked out real well for the Germans lol

Nice comparison

Not

Can you get the premium features for free if you self host?

>2. Change your passwords on at least a semi regular schedule
Way too much effort for non-important websites. I have accounts to over 1000 sites. I'm not about to go through each one and change them on a 'semi regular' schedule.

>I have accounts to over 1000 sites

and this is why usernames and passwords fail

if it was just 1 login for everything, like OpenID or something, I'd gladly change the password automatically every single day.

but due to fragmentation and a billion different retard login systems, updating passwords en masse is basically impossible

Attached: [HorribleSubs] Hataraku Saibou - 07 [720p].mkv_snapshot_08.58_[2018.08.18_20.23.53].jpg (1280x720, 104K)

Brain and common sense 95'

based bitwarden user

if you dont like the app, get the generator to make passwords based on words like
"always-eating-pussy-onions-btfo"
you can get a good amount of entropy if its long enough, and its a lot easier to remember and type on a mobile keyboard

>if it was just 1 login for everything, like OpenID or something
That sounds like a security nightmare though. If that login gets compromised then you're royally fucked. Plus I wouldn't want 1000's of sites linked to a single identity I use.

Master Password master race.

It's in the name.

Or what? You're going to forget about it because your brain is clearly not capable of retaining basic information for long periods of time?
Stay mad pham.

If they are "non-important" you shouldn't have an account on that site.

There are some accounts that I consider complete throw-away and use some password1 type deal. But everything else I use Keepass for.

You know an easy way to remember 1k+ passes like a total retard?

Remember atleast 1 very 10-word password. Then for every other site you use, add @site.com to that pass. So now everytime you visit a site, you just type in your regular pass, then @site.com. ez!


In most cases you need an account for basic access to things.

I just let my browser handle my passwords.

I understand that everywhere requires a login. What I am challenging is the idea that you should be using those services if they aren't important. Why would you open over 1,000 different accounts to things that are trivial?
That's an honest question. I wonder why you would open an account to something you consider trivial?

using the internet is a security risk, fthat.

Yes, and the obvious solution is to stack risks vectors instead of reduce them. If we're going to do something intrinsically risky, does it really matter if we make it even riskier on purpose? I should have seen it all along.

then wth are you still doing here

You're clearly a nigger because you type like a low IQ monkey. Stay retarded.

Attached: 1304077211857.jpg (429x495, 52K)

it's still a security risk, because the cia niggers can kidnap and beat it out of you.

the best way to store your password is to never know what your password is.
But of course, that's a paradox.

Don't listen to them, you just need a pw manager with a 15 to 25 characters password.

if it gets leaked, then nothing happens, it's just one password.
yep, by far is the safest and most convenient way to store passwords.

1 good 20-character password and that's it.

that will get dictionary attacked.

passwordstore.org/
free, open source, and respects your freedumbs

Now the clipboard contains a copy of the password that both the browser and the password manager can't guarantee will be erased after you're done with it

Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden Bitwarden

My password manager is random words I think of and a sheet of paper.

If you never reuse passwords and make sure to pick strong passwords for things that matter like online banking then you don't really need to change them all the time

>accusing someone of "typing like a low IQ monkey"
Oh man, the irony here is so fucking hilarious.
Now seriously dawg, off yourself.

KeePass manager syncronized with Syncthing, works good for me. What about you guys?

>the password manager can't guarantee will be erased
Auto fill is more comfortable though

Attached: 456785768567.png (267x55, 1K)

KeePass 2
>using KeePassXC
cringe and shittaste pilled

this. I haven't had to copy/paste or manually enter a user:pass in years.

based and redilled

>KeePassXC
>last update Aug 23, 2018
lol, just hand your stuff over to the FBI on your own already

unless there's a security issue, it doesn't need to be updated. I mean what the fuck do you want?

I use Enpass but it's closed source and entirely developed by pajeets.

Is it too late for me Jow Forums?