I use OneNote, with a bunch of coded words that mean other things and mix and match those to make longer passwords that are all different. Because I'm too lazy for a real app, and this is secure enough and useful enough.
this post was submitted on 15 Jun 2023
194 points (100.0% liked)
Privacy Guides
17205 readers
27 users here now
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
- We prefer posting about open-source software whenever possible.
- This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
- No soliciting engagement: Don't ask for upvotes, follows, etc.
- Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
- Be civil, no violence, hate speech. Assume people here are posting in good faith.
- Don't repost topics which have already been covered here.
- News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
- Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
- No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
- No misinformation: Extraordinary claims must be matched with evidence.
- Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
- General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Additional Resources:
- EFF: Surveillance Self-Defense
- Consumer Reports Security Planner
- Jonah Aragon (YouTube)
- r/Privacy
- Big Ass Data Broker Opt-Out List
founded 2 years ago
MODERATORS
It might be a minimal effort to set up. But afterwards any pw-manager will propably save you lots of effort.
Bitwarden user here.
Self hosted Bitwarden is the bees knees.
I use Bitwarden and honestly couldn’t be happier. My partner and I both use it, so it’s incredibly easy to share any credentials we both need to use. It also works great on every platform I’ve personally tried it on, and I like that I can use it for totp 2fa as well.
I rolled my own, actually. I don't store any passwords (even encrypted). Instead, I just append the site name to my base password (which is in my head), hash it, and base-52 it. (I also start each password with the same uppercase letter, lowercase letter, punctuation mark, just to ensure it gets past any bullshit filters)
I like that there's nothing that can be leaked (except what's in my head) and nothing to be lost and nothing to back up.
load more comments
(3 replies)
Keepass on OneDrive, so I can access it from my computer and phone.
KeePassXC and Nextloud to sync things between devices…
Vaultwarden for work, KeePass and KeePassDroid for private use.
I used to use keepassxc, but I was too lazy to sync everything with syncthing. That's why I use bitwarden
I use a self hosted vaultwarden instance! Should probably migrate it to my new server soon-ish though...
- Bitwarden for my Passwords.
- Keepass for my password for Bitwarden.
- An master password + picture(key) combination for access to my keepass.
What does the intermediate step add?
Not the guy you are replying to, but it would allow the user to create a very strong password for Bitwarden, and use an easier one to remember for Keepass, since Keepass would still require a key file to open the database.
I kind of like the idea, actually! LOL
NextCloud
Enpass. I sync my vault with my Nextcloud, but it would also work completely offline or with direct-sync between my devices.
load more comments
(2 replies)
Keepass 2 on Windows Keepass2Android on phone & tablet with the file on DropBox
Bitwarden after lastpass started charging for the same service
Bitwarden for several years.
Same here. I used to have LastPass, but after their privacy fiasco, I moved to Bitwarden, which I find to be rock solid. The fact that it's open source helps me feel more at ease that they won't pull any crap as easily as other password managers.
Maybe a tangent, but what are the security implications of a password manager? It seems like it would replace many individual things that can go kinda wrong with one big single point of failure, which frightens me 😆
Happy to be wrong though. They definitely seem convenient.
You have a point there. But if you use a password manager with strong encryption, 2fa etc. you can minimize the risk somewhat. I came to the conclusion that the benefits of using extremely long, secure passwords outweigh the risks if you follow all the best practices. Plus the added comfort.
This line of reasoning kept me away from password managers for a while, but I've been using Bitwarden for almost a year now, and I could never go back.
You're technically right, but a better way to look at it is that it reduces your surface of attack from many weak points, down to one, very strong and secure point (assuming you use a reasonably strong password for your vault, and don't log into your vault on public networks or anything like that).
But at the end of the day, using a password manager is vastly superior to relying on your memory, which is what many people still do.
I've started using Bitwarden after two of my coworkers quit to go work at Bitwarden. Really nice interface, and very easy to use
Dashlane. I need a service where I can share/manage things for my elderly parents, and Dashlane is easier for that after LastPass became a dumpster fire
I use pass but recommend Bitwarden when people ask for a recommendation.
When using pass, if you have a lot of devices and forget to sync at times you better know at least basic git lol.
load more comments
(6 replies)
Well, ahem, I use index-cards in a box. Never looses batteries - totally hack-proof !
I used to use 1Password standalone, but they moved away from it and started only selling password management as a service and I really didn't want that, so I'm running Bitwarden now on a private VaultWarden instance for myself and my wife. It's been great and is a good option if you want to run your own platform and not use Dropbox or other third party cloud storage or platforms for the data. Obviously, you're then responsible for backing the data up, etc., but I like the flexibility and data ownership of it.