Privacy

31931 readers

709 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Autofill-focused password manager? (feddit.de)

submitted 1 year ago by [email protected] to c/[email protected]

13 comments fedilink hide all child comments

Thanks for all the comments. Currently I use KeepassXD/DX + Syncthing.

I hash my password with fingerprint on Android, keep a seperate database containing that one in another place for backup. Maybe thats stupid, but I cant type on a phone.

On Linux I use KWallet, store the Keepass password there, and have a shortcut fetching that password and inserting it into the Keepass wallet using KeepassXC. Works with one click too.

Problems

all entries are either locked or unlocked
to have autofill working, the app cant be killed (Android)
also, all passwords need to be decrypted for it to work

I dont see that this is the best solution. Decrypted, maybe hashed metadata possible to detect autofill fields, and then selectively unlock the needed credentials, would be better.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (2 children)

On Android, I'd recommend looking into Keepass2Android. I don't necessarily guarantee that it'll solve your issues, but it has lots of options and is fully compatible. At the very least, it always offer autofill for me, even when locked and there's various methods of Quick-Unlock.

As for your general problem of having all entries unlocked, that's just a necessary trait of local password managers. I don't really see it as a problem though, since I don't really see a situation where an attacker would only have access to my unlocked passwords, but not also my master password, rendering selective unlocking of entries pointless anyway.

I'd also consider getting a hardware key (YubiKey) and use that in combination with a short password for your password. Both KeePassXC and Keepass2Android support them. More secure and much more comfortable than your current solution.

load more comments (1 replies)