Free password managers

>any idea what to grab?
Grrab this, fag:
*unzips dick*

>any idea what to grab?
Pretty much anything open source. No LastPass or anything like that.

If you want sync, Bitwarden. It's FOSS and so far hasn't shat the bed. If you want it locally, KeePassX

KeePass. It's offline, ugly but easy to use.

What does keepasXC have over regular keepass?

Currently using lastpass but I hear good things about dashlane, is it worth making the switch?

Correct me if I'm wrong.
Keepass was (or is?) Windows application. It depends on mono and run like shit/not native on linux. KeepassX forked Keepass and made it run on Windows, Linux and Osx. KeepassX was considered dead due to its slow development so its community forked it and made KeepassXC (here, C stands for 'community').
So what KeepassXC have over regular Keepass may be some little feature on the application and its development plane in the feature, which, I assume, difference from Keepass. But both of them use the same database, kdbx file, so try both and use whatever you want.

Password Gorilla

I use Bitwarden. It has sync so you can randomly generate a password and not be fucked if you need to access the account when away from your computer.

Obviously there are more secure ways to manage passwords but this is alright assuming you don't have super sensitive data. I mainly just use it so I'm not doubling up on passwords between sites.

Yes you should switch. Even if you don't care at all about privacy and free software, you should really think about taking advantage of it on ur most precious data, that is all of your passwords.

I'm on KeepassX, considering switching to KeepassXC if I can be bothered.

+1 for Bitwarden. I love it I even purchased a premium membership to support the project.

This or its compatible implementations:
passwordstore.org/

Keepass also might work.

How retarded am I for not trusting password managers at all? I got all my passwords written on paper.

BTW yes it syncs, because you put it in git.

The gopass implementation also has recipient management, maybe you want to share some pws or not have some on your laptop...

Macs come with it

Kind of retarded, this method encourages you to have fewer and less secure passwords.

Also what would be untrustworthy about pass? The thing is actually something of which you can quickly read the whole sauce.

Depends on your threat model.

I wouldn't consider you retarded. I use LessPass (not lastpass) though. Don't know if it counts as a password manager though.

Every password I got is a relatively random string of numbers and letters with lower and upper case though.
I've just had my passwords leaked too many times to trust anyone anymore I think.

I use "GitGud 2.0.3" I'd like to upgrade, but seems that won't be happening since the dev seems to have abandoned the project. However, it work really well.

Attached: Human Brain.jpg (660x522, 103K)

That is fine. There's more security that way and only people you know personally would ever have access to it, but that requires them to be dishonest in the first place. The more places you store them digitally the less security there will be.

> Every password I got is a relatively random string of numbers and letters with lower and upper case though.
But you did make them short anyhow, right? It's not completely insane even if you did, but there is a flaw there.

> I've just had my passwords leaked too many times
By open source password manager software...?

gpg+csv+awk

> The more places you store them digitally the less security there will be.
Not really. Digital cryptography is really strong for all we know.

The most plausible risk isn't your password wallet (which you can secure with both a passoword and a smartcard/usb crypto key - and more if you want), but the browser you're entering passwords into. And maybe Windows if you run it on that.

Reinventing a variant on passwordstore.org/ without the option to easily plug it into the browser add-ons and stuff that exist seems rather silly.

>Digital cryptography is really strong for all we know.

lol Do you really think that someone who has access to your computer doesn't already have the one password for your encryption? Do you really think that these "password managers" are safe unto themselves and not some form of data harvesting? Do you think anyone other than pedophiles, government, and business people use hardware keys?

Are you a complete moron? Keep that shit on physical paper or in your head, just not on paper at work/school.

1+ for Bitwarden

Using it both at my job as sys admin (we host it locally) and privately with online hosting.

Both work great.

You say that as if linux shell scripts aren't insanely unreadable bullshit that expands and works in a billion unpredictable ways

>Do you really think that these "password managers" are safe unto themselves and not some form of data harvesting?

You can know that they are when they are open source...

Keepassxc with password, keyfile, and db is the best way.

just copypaste from terminal

>lol Do you really think...
Expressions of incredulity aren't a terribly convincing argument.

> Do you really think that someone who has access to your computer doesn't already have the one password for your encryption?
Who would have access to my computer and what are they supposed to do with it?

Never mind what is EASIER than doing it with a paper password list?

Apart from that, you can use a cryptographic smart card or stick that provides another authentication factor to GPG before you unlock anything. This then can't reasonably be copied by anyone.

> Do you really think that these "password managers" are safe unto themselves and not some form of data harvesting?
Yes, show me where the data harvesting is:
git.zx2c4.com/password-store/tree/src/password-store.sh

> Do you think anyone other than pedophiles, government, and business people use hardware keys?
Yes? They're $20-50 or so at most. If you're worried, you get one.

You probably have more locks on doors in your house than you need and each of them cost as much or more.

> Are you a complete moron?
I'm not the one trying to justify idiocy.

Without the browser plugin, that's essentially what it does for you (one less step, easy as though it may be).

It also has clients that empty the paste buffer after a moment and stuff.

If you like unix, Password Store.
If you're from Reddit, KeePassXC
k

KeePass if you use Windows.
KeePassXC if you us MacOS or Linux

Underrated
*works
*libre
*totp MFA
*built-in versioning
/thread

About 12 characters long. I think it's long enough.
And no, not by open source password managers but it just feels like a bad idea to have all my passwords behind a master password when I could have them in a notebook which you need physical access to.
Do my passwords even need to be impossible to crack nowadays though? Is bruteforcing still a thing?

This.

Who is this qt

KeePass X if you want them offline.
Bitwarden if you want them on the cloud.
There is absolutely no need for a third option.

Attached: 1555184483794.jpg (2544x4000, 1.12M)

> but it just feels like a bad idea to have all my passwords behind a master password
I don't see why, but again, you can also do master password+ one of 2-3 crypto key sticks (just in case you loose one, you can invalidate it and continue with the other one from your safe or whatever).

> Is bruteforcing still a thing?
Yes, with more processing power behind it than ever.

your brain

So I'm currently using KeePass 2. Should I switch to KeePassXC?

if you're on windows there's no particular reason to.

You are actually pretty based, fuck password managers, i dont trust them either

*pushes you aside*

Attached: Oubliette_4.png (498x463, 48K)

Attached: helikopter-doubt-37066240.png (500x911, 169K)

passwords are kinda outdated. We should be using some sort of GPG verification by now instead. Then you would only need to keep track of just one password.

CLI based with built in encryption and profile builder. I use it.
github.com/DuncDude/user

Attached: 58689356_393735591357973_1537363773868736512_n.jpg (640x552, 37K)

Yeah i agree. Last years theres been kind of a shift with fingerprint scanners and face recognition, but there should be a big change i agree. And its only gonna get worse with computers getting more powerful, and quantum on the horizon.

> passwords are kinda outdated.
No.

> We should be using some sort of GPG verification by now instead.
That's not really true, but you might mean that you'd use FIDO2 or TOTP/HOTP or something? Yea, these already are being used.

> Then you would only need to keep track of just one password.
That is the case when you're using a password manager. Use pass or gopass, then it's even exactly protected by GPG.

> fingerprint scanners and face recognition
The most retarded shit ever. THOSE are passwords that you leave fucking everywhere.

Somehow the message hasn't arrived with people yet how insecure this is even after the chaos computer club pulled a fingerprint of a minister of defense from a press photo that wasn't even TRYING to steal that fingerprint.

> And its only gonna get worse with computers getting more powerful, and quantum on the horizon.
We already know which ciphers are safe to quantum computing, and nothing has changed about that yet.

Quantum computing isn't a magical infinite speedup for everything no matter if you manage to operate 1 billion qbits at a rate of 1000 operations/second.

Just give me the sauce man. I can't keep up with all the insta thots

>Not writing your passwords in paint and saving your passwords as png format

Attached: fag.png (294x192, 6K)

Well fuck you then user

Is enpass just terrible or why do I never see it brought up here ?

adobe reader

>it just feels like a bad idea to have all my passwords behind a master password

Master password + 2FA

Also typing 16+ Letter Passwords from a notebook into a browser each time does just sound inconvenient?