It is 2k19

It is 2k19
Should I use any password manager? got so many random accounts on shitty sites and many got leaks, also I started having troubles remembering all of the passwords because they are fucking cAsE SeNsItIvE, or need special signs, so is it worth to get a manager?
(also for android)

Attached: console.jpg (1080x840, 73K)

Other urls found in this thread:

haveibeenpwned.com
anyforums.com/
twitter.com/AnonBabble

I'm gonna say yes, they're pretty good for the most part. Just get an open-source one, no personal recommendations tho

Yeah should be a more common thing honestly.
Bitwarden is good, self host it and can still use the app. No complaints from me.

haveibeenpwned.com
If you pass then don't worry about it.

lol @ ur jpg

Yes. Use gopass / pass.

pencil and paper desu

KeepAss

Use KeePass. Never rely in a web-based password manager. Keep your database safe and BACKUP IT PROPERLY.

Use a strong passphrase to protect your manager, at least 40 char. long. Write it in a piece of paper so you can memorize by using it. For most websites, a 20 char. long password is enough, don't bother with more than that, just use the pass generator inside the software.

Don't let your browser store the passwords too, that's important.

I have always treated password managers like I do cloud botnet services preferring to just re use passwords.

Am I wrong? Am I too old fashion ?

I use KeePass and keep my shit "synced" and backed up by uploading new versions of my database to Google Drive (yes, fuck Google and all that jazz, but it's convenient for me).

>at least 40 char. long
>a 20 char. password is not enough.
You're talking millions of years vs billions.
Remember the leap is exponential
Estimates for a 9 character password is 5 days, 10 is 4 months, 11 is one decade and 12 is two centuries.

keepass with encrypted database stored on google drive

We're talking about totally different situations. Your manager needs to be safe, here we really need the 40 char. long pass. But who's going to brute-force your random account in a shady site? It doesn't really matter, you can use 100-bit passwords everywhere (even tho some websites won't let you do that), but I personally always try to keep them not too complex.

Assuming that the NSA probably can guess up to 1 trillion passwords per second, as Snowden said before, anything below 20 is literally nothing for them.

The only thing I'd really be worried about is Keefarce, and that's super unlikely.
I use 128 character passwords too because it makes no difference for me using a password manager, but I'm sure snowden was talking about running a bunch of tasks in paralell and the NSA is not capable of cracking a 20 character password in any reasonable amount of time.

Any reason to use a password manager rather than hashing your own passwords?

Lewd

Attached: image_search_1565284615416.jpg (906x1580, 333K)

It is less autistic and much more convenient.

OP; use pass.

Attached: passwordStore.org.png (678x749, 90K)

Yes and you should use open source ones exclusively. Thankfully this isn't an issue as the best are FLOSS. There are a lot of smaller ones out there or those for specific circumstances ( ie Passman.cc for someone who has a NextCloud instance ) but the best options overall are KeePass and BitWarden.

KeePass is the best protocol for having a database you control. There are several clients including the Keepass.info (aka original KeePass now on version 2.x) which has the most plugins, and KeePass XC which is a little simpler. On Android there is Keepass2android and perhaps best of all KeePass DX. You'll need to consider where you want to keep your database file and cloud storage is an option as well as using syncthing etc.

BitWarden is cloud based exclusively but has open server and client alikes. By default you can use their server for free or premium for really cheap, or you can with a little work install your own server

So year both of these will help and have a lot of features.

>putting your password into a glownigger operated site

Attached: cia.jpg (1024x544, 60K)

how is it better than keepassXC?

no, just accounts/mail addresses. why the fuck would you think you'd need to put passwords to check? lol

Literally doesn't matter if you use google since it's all encrypted. that's not stupid at all. anyone who says "fuck google lmao" REGARDLESS of context is just a retard