This is a most excellent place for technology news and articles.
I guess now is as good a time as any for them to start using a proper password manager.
Personally, I recommend Keepass - it has multiple clients for all platforms, and you can keep the file in sync with a program of your own choosing, like Dropbox, syncthing or whatever you like.
Vaultwarden ftw
Exactly! Self hosted FTW. Chances of a data breach.... Typically pretty minor if you are smart.
Chances of losing the data is higher with selfhosting too. Unless you’re doing some sort of multizone replication, or course.
Yeah. Daily and weekly cloud backups solve that for myself for sure.
I use syncthing so there's a copy of my password database on each of my devices.
I am hosting on Home Assistant which itself gets a backup to my Google drive and my personal machine. So there are two backups, as long as HA doesn't create a corrupted backup 3 weeks in a row I am good.
Borg backup to borgbase is not very expensive and borg will encrypt the data plus the vault is also encrypted
Keep vaultwarden behind wireguard for local only access then also use https certs and good master password. Very secure like this
+1 for a self-hosted Vaultwarden instance. If you’re technically capable and have extra hardware laying around this is the best way to go.
Although a backup is still required or you are gambling on hardware outliving your need for your data.
100%. Make sure to follow the 3-2-1 backup rule with all things you do.
Shoutouts to paper and pen.
Keep the booklet in a safe place.
Typically, the drawer just below the keyboard (in my experience)
If it's my mother, post it notes stuck to the laptop...
This is the first suggestion here that's actually within the technical abilities of most people, even most Lemmy users.
The level of technical knowledge some of people here seem to think the general public has is absurd.
If you never, ever need your passwords outside of your home, that's great advice - it's as secure as can be against digital theft. Less so against fire though, and backups are out of the question.
Well you can write a copy and keep it in a shed if it's unlikely to also catch fire.
You can have backups of physical books. Just copy the text from one to the other. Yeah it is manual work but so is writing the first one in the first place. You can then store the second copy in a fire resistant safe or at a friends or family members house (maybe inside a safe as well).
I just store all my passwords in robots.txt on my web server, makes it easy for me to access them anywhere I go...
/s
I have a firesafe at home for important papers, passports and some emergency cash. I keep my passwords there.
Keepass XC on PC, Keepass DX on Android, Syncthing to sync database
Works flawlessly!
Most amazingly, this setup is also unexpectedly resilient against merge conflicts and can sync even when two copies have changed. You wouldn't expect that from tools relying on 3rd party file syncing.
I still try to avoid it, but every time it accidentally happened, I could just merge the changes automatically without losing data.
Bitwarden is probably a more pragmatic choice for most users, given that it's free and without having to manage the syncing yourself.
Any password manager is better than the alternative, though.
Sweet. A special sunday collaboration episode of Why You Use Firefox, and Why You Use Linux.
Well, there does keep being more reasons by the day...
A better statement should be: you should remain vigilant and light on attachment to any banner. If an ill wind blows and you don't like it, it's time to move. Control your data- aspire to be a digital nomad.
Firefox isn't without it's own issues, recently. Google used to be viewed as a paragon once, too.
Google was always incorrectly viewed as a paragon.
Once upon a time I think they were largely harmless ... but once they started leaning into profit over quality they went rotten in a hurry. Exactly why I'm concerned with mozilla's path.
I don't use the password manager in Firefox, what a terrible idea.
Use an independent password manager, something purpose-built.
And using Linux? Hahaha, right, right. Call me when there's a serious OneNote, or even more importantly, Excel competitor. (Or even a standard shell on Linux, or the same set of tools built in).
Use an independent password manager, something purpose-built.
Why? You're talking as if browser password managers aren't purpose-built. "I love entering a password to fill my passwords for me instead of entering a password" —statement dreamed up by the utterly deranged. (I think we all should just use auto-locking.)
OneNote
Web-based stuff like Notion and Google Keep
Excel
LibreOffice Calc with Tabbed UI
standard shell
what is that
Call me when there’s a serious OneNote...
OneNote works on the web, but there's also Notenook if someone is looking for similar features with an app for offline access + End-to-end encryption and open source alternative. I've got it syncing to my Android, Windows, Linux and Mac clients without issue.
...or even more importantly, Excel competitor.
There's OnlyOffice which has a spreadsheet. Yeah it's not Excel which has existed for a million years, but it should work for the vast majority of users' basic needs. It may not work for your specific use case, but it is a viable alternative that exists today. If you want more online collaborative features (like the o365 version has) you can use CryptPad, which provides an end-to-end encrypted and open-source collaboration suite, including the web version of OnlyOffice Spreadsheets.
Or even a standard shell on Linux...
What does this even mean? Nearly every major Linux distro sets bash as the default shell, and if not the default, is probably already installed and called if needed. Not sure I understand the problem here.
...or the same set of tools built in
Stick to a single OS and you get the same set of tools built in? This is a strange statement to be making against a system that not only thrives on diversity but has lots of niche systems that require a myriad of default tools.
I do completely agree about not using any browser's built-in password manager.
That's definitely a change from companies just leaving passwords around for anyone to find.
No $10 gift card?
Lame.
Bitwarden here. Works well.
They didn't vanish, it's just that now only Google has them.
No password manager is 100% safe. Make back-ups.
Premium Bitwarden is so cheap and effective that I find it difficult to justify using an alternative.
I put all my passwords in a text document, then print it on a little strip of paper and shove it up my ass. Whenever I take a crap, I dig it out from the turds and try to memorise some of them again. Then I shove it back up there where noone else can find my data and I won't lose it.
Forgot to mention I delete the text document and set fire to the computer's hard drive. The passwords are only ever in my ass, with the rest of my personal shit.
sh.itjust.works
"Chrome users" or "Chrome under windows users" would be closer to the truth. Still, quite a screw up.
Something like 2/3rds of the world uses chrome for desktop. I'd bet that number is higher for windows specifically. If you're the rare person who doesn't use chrome then you're savy enough to know this doesn't apply to you
