What's the Jow Forums way of managing passwords? I was thinking of using KeepassXC to generate passwords and store them, syncing .kdbx with Syncthing between devices and having a usb drive hanging from my car keys that also has the .kdbx file to use on public computers.
What is the purpose of using a master key file + password in my particular case? I would store the key file on the same usb as the .kdbx file so that would just defeat the purpose of it, or what do you think?
>if i install a second lock on my front door and leave the key in plain view on the doorstep, is the second lock pointless?
Nolan Gonzalez
I'm still using password. If you want to use password manager on a public pc, how would you manage the database file and master key file in a way that the key file is not useless?
Isaiah Fisher
KeepassXC on my computer, KeepassDX on my phone, .kbx synced through Nextcloud. Not the safest to use a cloud provider, but it's convenient.
Jayden White
if your keyfile is also encrypted, you gain nothing in security and an extra risk. should your keyfile become corrupted or lost, your password db is inaccessible. come up with a secure passphrase for your db and use it. a keyfile that you keep right next to your password db is pointless. it doesn't matter if the keyfile is encrypted too.
Jason Cook
I store key file locally and sync only db
Never have both on unencrypted storage
Sebastian Cook
THINK, man. what security benefit do you get out of the key file? which scenario does it protect you from? how likely is that scenario? is it worth the tradeoff?
you plug your usb drive into an attacker-controlled public computer. attacker copies your password db and keyfile, then keylogs the passphrase for both when you unlock them. the keyfile did nothing for you.
really ask yourself if there's any way in which having a keyfile is more than just an extra risk of data loss.
Nolan Rodriguez
Your keyfile should be something easily accessible like the google homepage header or something else common.
Tyler Gutierrez
>the google homepage header
>use some data that changes all the time as your keyfile
you're stupid
Michael Murphy
The keyfile is used to enable using the password database only on specific devices. For example, you enroll a device by copying the (immutable) keyfile onto it via e.g. SSH, then you have your main (mutable) password database on a cloud service. If the latter gets compromised and someone somehow guesses your password, they still can't access your passwords since the keyfile isn't on the cloud.
Landon Campbell
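Added example, not part of any post in the thread: a simplified Python model of how a KeePass-style composite key mixes the passphrase with the keyfile, run against the scenarios argued above (cloud copy without the keyfile, USB with both files, a keyfile whose contents change). PBKDF2 stands in for the database's real KDF, the header MAC is a stand-in for the unlock check, and all names and sample values are constructed.

```python
import hashlib
import hmac
import os

def composite_key(password, keyfile=None):
    """SHA-256 over the hashed passphrase plus, if present, the hashed keyfile."""
    material = hashlib.sha256(password.encode()).digest()
    if keyfile is not None:
        material += hashlib.sha256(keyfile).digest()
    return hashlib.sha256(material).digest()

def master_key(password, keyfile, salt):
    # Stand-in KDF (assumption): PBKDF2 here, where a real database uses AES-KDF or Argon2.
    return hashlib.pbkdf2_hmac("sha256", composite_key(password, keyfile), salt, 10_000)

def create_db(password, keyfile):
    """Model a database as a salt plus a header MAC only the right key reproduces."""
    salt = os.urandom(16)
    tag = hmac.new(master_key(password, keyfile, salt), b"header", "sha256").digest()
    return {"salt": salt, "tag": tag}

def can_unlock(db, password, keyfile=None):
    tag = hmac.new(master_key(password, keyfile, db["salt"]), b"header", "sha256").digest()
    return hmac.compare_digest(tag, db["tag"])

def scenarios():
    password = "correct horse battery staple"   # constructed sample
    keyfile = b"\x13" * 64                       # constructed sample keyfile contents
    db = create_db(password, keyfile)
    return {
        "enrolled device": can_unlock(db, password, keyfile),
        "cloud copy of db, passphrase guessed, no keyfile": can_unlock(db, password),
        "usb with db and keyfile copied, passphrase keylogged": can_unlock(db, password, keyfile),
        "keyfile source changed by one byte": can_unlock(db, password, keyfile[:-1] + b"\x14"),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{'opens ' if ok else 'locked'}  {name}")
```

The keyfile only changes the outcome in the case where the database leaks without it; stored beside the database it adds nothing, and a keyfile that is not byte-for-byte stable locks the owner out.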
there. that's how you use a keyfile. keeping it next to your password db is absolutely pointless.
Owen Moore
Don't use a master key file if that's your pretend use
Any keepass version is fine
Leo Peterson
Well that's kind of the question, what's a safe way to use master key and password if I would need to use passwords on a public computer?
Juan Clark
don't login to secure accounts from a public computer.
Jeremiah Sanders
If you want to use a keyfile put it in an encrypted volume/disk (usb), don't forget to have a backup and use a cloud to keep it synced
also this
or if you are going to do it have a tails install on a usb and use it at the public computers
If you really care about security don't use public computer even if you are carrying a tails/whatever install
Gabriel Murphy
Looking into using keepass, what is the difference between the keyfile and db? Can I access passwords if I have only one of them? Wanna migrate from LastPass after I've been red pilled, so is there a method of online syncing them or is that just dumb?
Evan Richardson
Keyfile is a file you need to open your database. Database is the file that holds your passwords.
Angel Powell
Thank you. I feel like if someone has access to my usb and the password I use for the password database, he would probably also have access to the encryption key. Maybe it's just enough or even recommended to just use one password in my case.
True that if I cared enough I wouldn't use public computers at all, but there's times when you really have no choice, like university.
Thank you for the tails tip btw.
Is there some recommended usb stick that can take up some beating and is small enough for keychain, with also reliable memory chip?
Used a built-in passphrase to generate 10 words passphrase as master password. I have the kdbx file on my computer, thumb drive, my old notebook for game/movie that doesn't connect to the internet and my phone (sd card to be specific). I change passwords once a year or something like that, so syncing isn't a problem for me.
Christopher Morris
>having a usb drive hanging from my car keys that also has the .kdbx file to use on public computers
If the public PC has quiet remote viewing, whether legit or by trojan, isn't that a huge security issue for you?
My kdbx file is only opened on my own device
Hudson Allen
The Jow Forums way is to use pass, the standard Unix password manager
Yes that would be a problem. There's no way to bypass that if you NEED to use the public computer tho is there? Unless you can boot up the mentioned tails from usb
Jose Wilson
load on your phone and manually key them in
sucks but it's better than the alternative
Jackson Smith
why the fuck GNOME Keychain is a thing (and sometimes is forced by shitty enterprise software) when this exists?
Aiden Flores
I keep trying to come up with a plan in case there's a fire and somehow I don't manage to save anything. Let's say I store bootable flash drives somewhere, like outside in my car and in my shed, along with enough cash to buy a laptop. But then how the fuck do I log into sites that say "unrecognized device. please enter code from text message", when my phone is gone.
Same with genuine 2-factor logins. If it's solid and your phone dies, you're pretty much fucked. Otherwise, it's not really 2-factor if you can talk your way in without the phone.
Damn I miss the good old days when the biggest decision was where to get my daily burger.