this post was submitted on 20 Aug 2024
194 points (96.2% liked)
Asklemmy
43945 readers
985 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy π
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Password managers. People will use anything but that: paper, notes app (without any security), using the same password everywhere...
Came to say this exact thing.
FFS I have 100's of passwords saved in my keepass DB, they are all different.
Passwords will only autofill on the correct site, so look alike sites are captured by that simple bit of security.
I keep trying to convince my parents. Then they say but what if I forget the master password? I say they won't with a passphrase but they don't believe me.
Also I don't have experience with PW managers other than 1Password, Bitwarden and Roboform. I personally didn't like Bitwarden. I think it's UI is janky and oldschool. Roboform is so bad I don't even know where to start complaining. So I keep using 1Password even though the UI has been getting worse but it still works for me because of the good integration into the Apple ecosystem. But it's rather expensive for managing the 20 something passwords my parents have. I read about breaches on other PWMs sometimes so I don't really know what to trust and recommend.
Set my family up with Bitwarden. Had them think up good passwords, told them not to tell me, etc. etc. they went and promptly forgot it.
One of these days I'm going to set them up again but this time I'm going to have to save their master passwords on my account.
Show them you can export the passwords and print them. It will help them to make the switch to know they cannot lose everything because it is on paper. It is what helped my parents
Keepassxc works fairly well for me, with a few quirks. Don't know how it is on apple though.
I keep telling myself I need to start using a password manager but I'm worried I won't be able to log into things on my phone or other devices like my work computer when I need to because I don't know the password. Is that a legitimate worry or is there a solution for this? How do you sync passwords between computer and phone?
I hse keepassxc and store my password database in onedrive. My phone has an app keepass2android which can read the database in onedrive.
Eh, I don't trust any 3rd party enough to give them all my passwords and I don't trust myself enough to secure a server for self hosting a password manager.
I know all my passwords, can't forget em, no paper or notes, no repeat passwords.
If you know all your passwords and canβt forget them, Iβm assuming your using some sort of pattern to remember them in which case you have a major issue in case of data breaches as your other passwords can be guessed.
Just as a heads up, sometimes the pattern is not that easy for computer to brute force. As an example, my old password contains a birth date but with an alternating shift making them a combination of digit and symbol.
The issue is if you are a) targeted, and b)involved in multiple breaches. If they can get the pattern, they potentially get everything.
Is it worth it? That depends. Are you willing to risk it NOT being worth it to a random guy in Africa earning a few $ a day?
Yeah, a fair point
Keepass. Password database is a local file.
Technically you could use PGP to encrypt a .txt file with all your passwords in it. Which would be more or less the same thing with a lot less polish to it.
Sorry, what is PGP?
PGP is 'pretty good privacy'; it's an encryption standard. It's not the best, but it's fairly easy to use, and it going to resist decryption pretty well, for most use-cases. The idea is that you have a public key, and a private key. The public key allows messages to be encrypted, while your private key allows decryption.
this is the way
Sorry stupid question, but how do I import my passwords from Proton Pass to KeepassDX?
I looked it up for you; you can export your Proton Pass database as a .csv file and then import it into KeePass. Not sure about KeePassDX but on XC, there's a csv import option. There's also a json import option but it says BitWarden for that so I'm not sure if the json Proton Pass exports is in the same structure as KeePassXC expects.
Keepassdx is an android app for keepassdx databases with a nice ui. I use it too.
Thanks for the answer! Another question: does saving the data on KeepassDX keep all the passwords and such for me to import to other apps if needed? Or what does the file include?
You can export as csv, html, xml from KeePassXC. Dunno about DX but you can just try it on your desktop if it's not an option on mobile.
You know I'm looking up all these answers right? I don't mean to be rude but you can and should just look these up yourself. You can check import and export options by opening keepassxc/keepassdx and checking for yourself
Yeah, you're right. Sorry, I definitely have a tendency to treat Lemmy as a search engine sometimes. Nonetheless I appreciate you answering me!
Fucking THANK YOU.
A very good friend of mine doesn't use any password manager. I've often in the past told them why don't they? They argue that then all their passwords would be gone if they forget that one master password. Okay, I say, how the fuck is having to remember 1 password harder than having to remember 20 passwords?
Any good password manager nowadays also has an account takeover feature if you opt in. Basically your spouse / child / parent can take over your account to recover it for you if you canβt get in.
I had to save my wife's account before on 1password family. It worked nicely!