What is the best way to keep your Passwords.
Better to have a program loaded on your computer or a web based password keeper?
>>56269412
Never web based.
Use keepass or a similar alternative. Keep a backup in an USB or something like it so you're not fucked if your SSD/HDD shits itself.
OP here -
Also should have mentioned that freeware, free download, open source is always desired
Any recommendations that you have experience with that are solid and free?
>>56269508
keepass
KeePass /thread.
>>56269412
Post-its
Memorize it. It's not that hard. I memorized a 60+ word password. Took me about 2 weeks of using the password by writing various parts of the password and also memorizing parts of the password that I didn't write down. So that I had not written down the whole password in case someone snooped around my room.
>>56271661
60+ character I meant, not words.
>>56269937
>/threading you're own post
check out my free password manager it works 100% legitto
>>56269679
>>56269412
I'm write to hand
Don't listen to pen and paper luddites. Local storage encrypted on your phone is just as secure as a sticky note or a notebook. Of course, your welcome to use it but there's no reason not to use keepassx or keepassdroid
Also, don't listen to memorize it faggots. It's simply not practical to memorize a different passcode for everything you do (which is more secure than one long password that you use for everything (although I guess they are equally secure in that if your long password for everything is breaches or your master password for KeePass is breaches, you are equally fucked)
>>56269412
On a paper in a medallion you wear that you can eat it when someone wants to get it with force.
>>56269679
this is the only good answer
anything else is retarded
maybe ?
>>56271661
Yeah you memorized one 60 character password. And when you use that same password for multiple sites it's as good as using "password" as your password.
It's simply not practical to memorize multiple long passwords. So memorize one and use it as your keepass password.
>>56272317
I'd recommend a hybrid system. Remember a few long passwords for important things. Keep super important things (like email account, that shit is super important to keep hold of nowadays, or banking) out of your keypass database, and throw most things into your keypass database
Just remember a line from a move or a song lyric, turn it into a base-password using the first letters of each word and tweak it by changing two characters for each site you use.
>>56272251
Thiso
>>56272268
Paper is retarded. If paper works for you, it means you have few and/or unsecure passwords.
Using a proper password manager means you can have a secure password for every account and you don't have to type or remember it.
>>56272346
Why would you keep important things out of your keychain? Just put them behind another layer if it's important
>>56272807
Well it's so if the keychain gets compromised it isn't complete devastation.
>>56272829
That's why you put them behind another layer?
>>56272886
Well whatever compromises one layer can compromise as many layers as it wants.
Use brain.
Or hell, post-it note.
>>56269412
Windows Notepad
Program called 'pass' (dumb name... )
> Pass insert -m example.com
> pass Amazon.com
Uses standard gpg encryption so even without the program you can decrypt passwords - also means it's easy to sync it to multiple computers, I personally just keep it on my home computer and ssh in.
It's mostly for sites I log in once or twice. I also use it for storing multiple things - stuff with questions - '
> whats the name of your first pet
> Shhdheiexjcbhdga83@$dhh73
Stuff like that. All the other managers require a GUI which is a pain since you can't easily remote connect to grab a password.
It has a password generator built in, but I usually just use pwgen
What's /g/'s thoughts on enpass?
>>56272929
It's better than using the same password everywhere.
It's a great solution for that forum you had to register for to view a image , or a site you had to register for to download one firmware update because the company is retarded and needs a account to do that.
You can use gpg to encrypt it if you want to get fancy. I used to do exactly this before finding pass which is a little more sane
>>56269937
How do I create master password?
>>56269937
> Requires GUI
> Good
Pick one
>>56273085
Explain without tipping your fedora.
>>56269412
I use keepassX is nice, also it has a FOSS Android version, so you can keep your passwords everywhere in your (hopefully encrypted) phone.
>>56273093
Need to access passwords on multiple computers without worrying about syncing them constantly.
I don't want that shit on my laptop for instance. It's fine to have a GUI, but it's ridiculous to need to install it to grab one password.
>>56269412
>program loaded on your computer or a web based password keeper
>>56269679
>pen and paper
>>56271661
>memorize it
All these have their applications.
Pen and paper is probably the best if you live alone in a studio apartment on the 9th floor of an apartment complex.
But some people live with family, and sometimes family isn't very nice, they may be extremely noisy. And in that case you don't want to use pen and paper.
Web based ones are uh..never good? Just get off of /g/ if you even considered that.
>>56272504
>Just remember a line from a move or a song lyric, turn it into a base-password using the first letters of each word
YABG
4U
>>56273137
Just install it on a usb stick???
>>56273044
Is 55 characters good enough?
>>56273158
I guess. Seems inconvenient and risky (from a losing/getting damaged pov) to carry all your passwords with you.
Doing ssh to a server is much easier to me.
>>56272504
pic related
>>56272901
the only thing that would compromise it is a bad password or human error, both of which will still be compromised if you use your brain or a fucking post-it note
>>56269412
>>56271665
>it took him 2 weeks
Only took me like 2 hrs
>>56273189
the 4 random words approach does fuckall when password strength requires upper/lowercase, symbols and numbers
I'm currently using Dashlane. Tried KeePass and didn't care for the interface.
>>56273312
so use them for a keychain
>>56269420
This. Never use web/cloud based password mangers. Use something local like KeePass
>>56269412
Local database