today is the Change Your Password Day so lets talk about passwords.

I don't change passwords unless there's a breach or it's required. I use keepass and randomly generated long-ass passwords., Local database with both a master password and key file. I use 2FA for major accounts like google and steam.

File: 1485311085704-e.png (416KB, 1200x1821px) Image search: [Google]

416KB, 1200x1821px

Which password manager is better keepass or lastpass?

did you know that 4chan has a feature where if you try typing your password, it censors it?
********
try it!

>>58746992
lolfuckoff

Didn't work

>>58746991
keepass is more secure since you control everything yourself.
lastpass if you are too lazy to setup your own ""cloud"".

>>58746991
keepass

>>58746992
Stole so many runescape accounts doing this

>always alternate between the same 3-4 passwords for a decade
>never been hacked
what am I doing wrong/right?

File: generatecard.png (94KB, 1011x637px) Image search: [Google]

94KB, 1011x637px

>>58746978

http://www.passwordcard.org/en

>>58747096
>>never been hacked
people wont hack you but the service you use.
hack service
>steal database including email and passwords
>crack shitty password encryption
>run email & password against every known service
>clear out accounts if possible and sell the rest
>rinse & repeat
thats why you should use a seperate password for every service you use

>>58747055

Did you know your name and credit card number will be filtered out because 4chan recognizes the format! Try it

Jeff Thompson
XXXX-XXXX-XXXX-XXXX
Exp: 05/19 CVV: XXX

>>58746992
hunter2

>>58746989
What if you need to log in your accounts from someone other PC?
>sorry guyz I actually don't know my password xDDD

>>58746991
Keepass. I keep my database synced through my Nextcloud server and use keefox in firefox to autofill logins.

>>58747576
> Signing into strange computers

Enjoy loosing your account.

>>58747375
Sounds a lot like they use the password as a key or w/e in the databae. AKA shit tier devs.

What's the point of having randomly-generated, complicated passwords? Sure, they will be impossible to guess, but they can still be retrieved as easily as password123.

>>58746991
I use pass https://www.passwordstore.org/

>>58747784
Do you know about password hashing anon? It doesn't matter if someone gets an entire database full of passwords if it's unreadable, uncrackable garbage.

>>58747784
most people arent hacking into your account by brute force, they just use inference and a little bit of effort.
im wondering if anyone has examples of algorithms they might use to generate unique passwords for each account you have.

>>58747811
Unless the website developers are shit and store them in plain text or md5 thinking that's good enough.

>>58747641
It was a bit tight anyway

>>58747576
>sorry guys I actually don't know my password

That's actually a good excuse not to login from someone else's computer.

>>58747937
What the actual fuck are you trying to say

>>58748402
>being this dumb

>>58748423
Oh it was a pun

>>58746991
Lastpass is not secure and has been hacked last year.

>>58747576
>logging in on untrusted computers
yeah no

also
>what are phones
lots of password managers have android/ios ports

>add all passwords to a text file
>encrypt with aes-256-cbc
>move to random folder with lots of files
>change file extension and filename to blend in with the rest
>"shred -vzn40 originalfile.txt" and "srm originalfile.txt"
>do this across multiple devices
>full reboot and wipe text editor caches if you're really paranoid

>>58748613
Why not use a password manager?
I guess you don't have to worry about the manager software having unpatched vulnerabilities and becoming abondonware.

>>58748656
That's mainly why, plus it's another level of security through obscurity. You could leave the .aes file on your desktop and it would never be cracked unless you used a shitty password.

>>58746991
keepass is marginally more secure if you're a paranoid schizophrenic and think the gubmint is hacking THE CLOUD, lastpass is better if you value both security and convenience

i know a dude who uses keepass because he doesn't trust leaving his database in THE CLOUD. his solution for taking his database everywhere? fucking google drive

>>58747576
>What if you need to log in your accounts from someone other PC?

there's a portable version of keepass you can stick on a thumb drive and just carry with you, plus an android app if you're a normie with a smartphone. there's really no excuse anymore

>>58748761

In his defence I'd trust Google over LastPass' security any day - both if your goal is hiding from the gov't then yeah Google is not a good choice.

>>58748761
>his solution for taking his database everywhere? fucking google drive
That's what I do. I doubt google spends time trying to crack keepass databases.

>>58746978
My password for work expired yesterday so I changed to a fresh new password not 16 hours ago.

>>58746978
I make up n-phrase passwords from the subject of an academic category or mix of

>>58746992
crustyanus69

>>58747124
Giovanni Kuzo
6011-6698-2742-3667
Exp: 02/20 CVV: 219

I use the same password for all of my email accounts.
Another one for my banking, and PayPal.
One for anything related to gaming.
One for forums.
One for torrent or porn sites.
One for social media.
One for any sites where I can purchase shit.
A bunch of other ones.
I basically just seperate them into categories and make a password for it.
I would like to make a seperate password for every account but I have to many so it wouldn't work good.
I don't trust software to keep my passwords so I just have it written on a piece of paper.