Password Managers

Are they a meme or worth the time?


It's the only way to have secure passwords for everything. I use keepassx but there are simpler ones like pass.

Password managers don't involve much time investment to use. They're really only shit tier if they're built into your browser or closed source.

told my friend to use a password manager and now he thinks I'm free tech support for life because he can't be bothered to read how to use it

ugh

I use pass as well:
passwordstore.org/

It's simple enough, though having to pull up a terminal can be annoying at times, but how often do you really need to enter a password? It doesn't have a standard scheme, which is a good thing because it does not force you to abide by some arbitrary scheme, but it's also bad because there cannot be any tools which can parse the files and extract specific data. There is a quasi-standard scheme described on the homepage, so that's the closest thing to a standard.

If you decide to back up your passwords somewhere make sure the master password is strong enough, you should be able to hand your passwords (encrypted of course) to any person and be confident they won't get anything out of the files. And make sure the master password is really safe from the start, if you decide to change it later the other person will still have the old version of your files protected with the weaker password.

just let chrome manage your passwords, and they'll even back them up to the cloud for you for free.

KeePassXC

don't use LastPass. it will get pwned one day.

Use this tools.suckless.org/dmenu/scripts/passmenu2

start saying no to people.

yes and they're all bloat

kill self
you have to be fucking retarded to not write your own. your disk should already be encrypted, so you don't even need to bother with the crypto part

They're botnet

My disk is encrypted as well, encrypting the passwords means I could upload them here if I wanted to. I can afford waiting a few seconds to decrypt the passwords, if I couldn't I'd have to commit them to memory anyway.
You'd have to be retarded to waste time reinventing the wheel.

Just make up your own passwords, I have a mental algorithm I use to generate 30+ alphanumeric passphrases I use on any site I care about the credentials of... And there aren't many sites that I care about.

What if you need to change the password for some site?

Can anyone explain why there are like 500 versions of keepass?

KeepassX
KeepassXC
Keepass2X
Keepass2XYZ

Like what the fuck?

botnet. they had password leaks before
why the fuck would you entrust your stuff on a joke of a company that's under constant target?

It's easy to make passwords, but I probably have over 50 kinds of accounts on different websites all non-interconnected.

because a bunch of retard nigger skids just poo them out

Meme? They're required, given how fucked is webdev. No, using a formulaic password is not enough. Neither is some variation of "correct horse battery staple".
If you're really paranoid, even storing your passwords in an encrypted text file locally would be preferable to password reuse. Then at least it's up to you to fuck up, not to some intern that believes storing your data in plain text in some unsecured S3 bucket is completely acceptable.

1Password is OK if you like convenience and HSM integration.
KeepassXC if you don't trust your passwords to the *cloud*.
pass if you like something even simpler.


IIRC the original Keepass was a Windows only .NET program. There was a fork to make it runnable in Linux under Mono, and yet another fork of that to port it to something else other than .NET. Use KeepassXC.

You're confusing KeepAss with LastPass. I think the leak was they had browser integration, which is retarded since browsers are a nightmare.
Again, that's LastPass. Closed source, keeps your passwords "safely" in the cloud. keepass isn't a company.

yes it is you stupid fuck, as long as it has enough entropy.
No, that's the correct way to do it
no, using passwords for authentication is unacceptable. only nigtards reuse passwords and even then they have 0 entropy and the hashes get cracked in 5 seconds, so all your jerking off about password hashes was for nothing

It doesn't matter how much entropy it has, if you use it in many different sites and any of those sites gets compromised. That was the point.
Given that the only kind of SSO supported by most sites is either botnet Google or botnet Facebook, you're bound to make dozens of different accounts, each with its own password.
Storing them in an ad-hoc manner is just inconveniencing yourself. As I listed, there are options for even the most autistic CLI only user.

Are you that intern that I was ranting about?
You clearly don't know shit if you're arguing against proper password hashing (PBKDF2, argon2, etc.) + salting. Even cracking a single password would take WAY longer than 5 seconds.

I use bitwarden. It's open source and you can host it yourself.

Password managers store your passwords in a centralized or easy to find location.
The entire point of passwords is that only the user in front of the PC knows them.
The concept of storing them on the machine is completely retarded and against the entire point of having a password.
It's like sticking the key on the door or writing the code on the safe.

keepassxc.org/docs/#faq-keepassx

If your passwords are properly encrypted it is safe. If they are not, then of course all security is gone.


One thing worth adding is that getting your data out of pass is really simple, since it's all just text files anyway. If the passwords are stored in some sort of database you first have to go figure out that database format. If pass were to go tits up at some point it would be dead simple to get your passwords into something else.
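A sketch of that migration, added here and not taken from any post or from the pass project: it parses already-decrypted entries that follow the quasi-standard layout from the pass homepage (password on the first line, then `Key: value` lines) and renders them as CSV. The function names, the CSV columns and the sample entries are constructed for illustration and do not match any particular manager's import format.

```python
import csv
import io


def parse_entry(text: str) -> dict:
    """Split a decrypted pass entry into password, 'Key: value' fields and notes."""
    lines = text.splitlines()
    entry = {"password": lines[0] if lines else "", "fields": {}, "notes": []}
    for line in lines[1:]:
        # Split on the first ': ' only, so 'URL: https://...' keeps its value whole
        # and a bare 'https://...' line is not mistaken for a field.
        key, sep, value = line.partition(": ")
        if sep and key.strip() and value.strip():
            entry["fields"][key.strip().lower()] = value.strip()
        elif line.strip():
            entry["notes"].append(line.strip())  # free-form text, kept as a note
    return entry


def export_csv(store: dict) -> str:
    """Render {entry name: decrypted text} as CSV: name,username,url,password."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=["name", "username", "url", "password"],
                            lineterminator="\n")
    writer.writeheader()
    for name, text in sorted(store.items()):
        e = parse_entry(text)
        writer.writerow({"name": name,
                         "username": e["fields"].get("username", ""),
                         "url": e["fields"].get("url", ""),
                         "password": e["password"]})
    return out.getvalue()


# Constructed sample store: entry name -> decrypted file contents.
SAMPLE = {
    "shop/example": "c0nstructed-Passw0rd\nURL: https://shop.example/login\n"
                    "Username: alice\nrecovery codes in the safe\n",
    "forum/example": 'another,constructed"pw\n',
}

if __name__ == "__main__":
    print(export_csv(SAMPLE), end="")
```

The export is plaintext, so hand the returned string directly to the importer of the target manager rather than leaving it in a file on disk.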

and entirely pointless

Btfo

pwsafe
I use the CLI utility.

use them. If you're not retarded, you should be able to roll your own with gpg.
If you don't use them, you will inevitably reuse passwords or password patterns across sites, and one of those sites will inevitably leak your password, and then some twat will try youremail:yourleakedpass against every login page in the entire world and eventually find your other accounts.

You are every Russian hacker's wet dream, duptards.

Argon2 or bust

A little more bloated than KeePassXC though despite being audited recently