Are you using KeePass, /g/?

>>59218405
Yes.

>>59218405
KeePassX actually

File: 1299642647075.jpg (87KB, 622x718px) Image search: [Google]

87KB, 622x718px

>>59218405
yes

>tfw 64 character passwords

yes through mono on linux

>>59218729
>qt
garbage

KeepassX, fuck mono.

Yes.
At work we share a common base.
At home for everything, pass, keys, secrets...

>>59218795
What are best practices for keys? Keeping with the database?

fuck REEEEpass lastpass is king

>>59219192
>REEEEpass
lol

>>59218793
>>59218794
>Mono is shit
>Qt is shit
Never change, /g/

>>59218405
Yes, until I've transitioned to pass so I can skip the database file and have encrypted files with the passwords instead

>>59219304
Yes, Qt is shit too and I hate having it installed on my system because keepass is the only program needing it.

>>59218405
yes, keepassxc
https://keepassxc.org/

that's the shit right there mane

File: argon2.png (32KB, 488x487px) Image search: [Google]

32KB, 488x487px

Have you switched to using Argon2?

>>59219499
>no screenshots on website
why do people do this

password managers that hash shit and don't store nothing anywhere

>>59218405
No, I don't want my passwords to be compromised in case someone somehow compromises my PC.

>>59219609
my man

>>59219548
it looks like keepassx

>>59219609
You made a small mistake in your post. You wrote "No", when you meant "Yes" ;)

>>59219609
Multi factor authentication? By the time they can smash your key file and password, or even yubikey, you will be able to rotate everything.

>>59218405
yes

>>59218729
There's literally no reason to use KeePassX over Keepass. It's got slower development and less features

>>59219528
I'll switch when there is hardware support for Argon. Until then I'll enjoy the 1.3GB/S speeds of AES with the AES-NI instruction set of all modern CPUs

What do you guys use on Android? Keepass2Android werks, but could be better.

>>59219726
It's a fork of KeePassX

>Why KeePassXC instead of KeePassX?
KeePassX is an amazing password manager, but hasn't seen much active development for quite a while. Many good pull requests were never merged and the original project is missing some features which users can expect from a modern password manager. Hence, we decided to fork KeePassX to continue its development and provide you with everything you love about KeePassX plus many newfeatures and bugfixes.

>>59220121
mane pls
>>59219499
has autofill and everything
more frequent updates 'n' shiet

Keepass + file authentication + keeOTP
Custom icons to make it pretty

redpill me on keepass

>a single password that gives you access to every single other password
this sounds fucking stupid
as soon as it's compromised, all your accounts go down with it

File: 1486902138060.png (151KB, 742x828px) Image search: [Google]

151KB, 742x828px

>>59218793
>>59219363
>gtkucks

>>59220277
Qt is fucking disgusting, GTK is missing a minor feature.

File: 804e9b7a738d2424350bdc0c8725e15b.jpg (159KB, 1024x768px) Image search: [Google]

159KB, 1024x768px

>>59219592
What the fuck is the point of that then?

>>59218405
No.
I am using a traditional password manager which is Pen and Paper.
It is the most secure password manager if used correctly.

>>59219609
>no, I don't want my passwords compromised in case someone somehow compromises my PC and spends 15 quadrillion years breaking keepass' encryption
Fixed that for you

>>59220193
You either reuse the same few passwords, or have different strong passwords for everything, but keep a list of them, since you are bound to forget the ones you don't use frequently. It is much more likely that a site will get hacked and your password will be leaked than it is that someone will get hold of your password database and crack the encryption, so reusing the same password is clearly the worse strategy. Really the only alternative to keepass (or another password manager) is using pen and paper, as other posters have suggested, but that has it's problems too, like having a list of your passwords in human readable form around in your house, and the fact that you are much more likely to lose a piece of paper than your password database (if you do backups properly).

>>59220193

You're wrong.
https://www.schneier.com/blog/archives/2014/09/security_of_pas.html

Tell me what's wrong with storing my passwords in fsekrit?

>>59220878
There are a couple of things, actually
>it requires windows
>it is a program for storing encrypted notes, and not an actual password manager (worse for sorting your passwords into categories)
>every note is also an executable, which is a pretty redundant feature

Can I tell you guys my password and get some feedbacks on how safe it is?

>>59220999
Yes. Please make sure to include your DoB and social security number as well please.

Lastpass, any thoughts?

>>59220963
Runs on Wine too. Checkmate?

>>59221029
I too like using programs that require an entire fucking OS emulator to run.

I just use really obvious passwords and hash them an arbitrary number of times.

So "password" becomes;

19f98ccb7b605584d5136e23920ea67187274927856bf8

>>59220845
It doesn't take 15 quadrillion years to install a keylogger on a compromised machine.

That said, if they can keylog your master password they can keylog all your other shit, so >>59219609 is a dumb. Just a different kind of dumb.

>>59220159
KeepShare Lite is awesome. It asks you anytime you reach a site if you want to log in using their credentials. I just wish it would auto-synch with drive though.

Using 1Password here. Shit's nice.

>>59221166
but keepass has keylog protection??

>>59218405
I once used the same 25 character password for everything and I thought I was safe until a vengeful ex got a hold of it, so now I know better.

Different password every time, maximum complexity. Feels safe man.

>>59219499
this

>>59218405
I use lastpass.

>>59221015
proprietary botnet

What happens if you reinstall your pc?

you can't get hold of your passwords then?

No, I'm not mentally retarded.

>>59221928
save the encrypted db to some external memory device, you dolt

>>59221928
save it on a usb drive, external harddrive, (((the cloud))) etc

>>59222138
nobody got time for that

>>59221108
>WINE
>emulator
Pick one, retard.

>>59222171
Oh I see, because you have all this shitposting to do.

keepassx faggot

I use LastPass for saving passwords.

Thoughts on pass?
>https://www.passwordstore.org/
Uses GnuPG. But I'm now worried about securing my keys.

>>59222180
>our legal department told us to call this emulator "This Isn't An Emulator."
That's cute, but it is the definition of an emulator. Maybe not the one some Linux neck-beard invented in his own head back in 1990, but the one that exists in the dictionary.

File: entropy.jpg (80KB, 445x720px) Image search: [Google]

80KB, 445x720px

>>59221124
>I just use really obvious passwords and hash them an arbitrary number of times

>select top 500 most popular passwords
>hash using different algos
>add to database of passwords

I'm sure no one has thought of this before.

encrypted archive on dropbox containing all my passwords in plaintext

>>59222416

How long/complex is your database pass? You do know NSA stores all encrypted data for cryptanalysis?

>>59222286
There's no legal issue. the name was changed because emulator doesn't accurately describe it sine it's a library implementation and no virtualization occurs, dipshit.

>>59218405
KeePassX

File: 1488497833401.jpg (147KB, 1920x1080px) Image search: [Google]

147KB, 1920x1080px

>not one single argument on why anyone should use keepassx or the other forks instead of keepass

>>59221407
how exactly does it protect you from keylogging when you type in your fucking master password

>>59220872
how does your shitty article disprove that you're 100% fucked as soon as someone knows your master password?

>>59222991
Ok fine, they know my master passphrase (unlikely). Now, what about my keyfile(s)?

>>59223038
Not the guy you're replying to but I've never understood what the proper security measures for keyfiles are.

>>59223075
Keep the file(s) in amongst other files and give it a common name. Since the keyfile can be any binary file, rename it to appear completely ordinary (i.e. system32.dll instead of keyfile.jpg)

>>59223197
But on the keepass site they say that obscurity of the keyfile isn't what matters, since people can just test every file on your computer, it's the obscurity of the contents. That's the bit I've not understood, like are you supposed to alter the keyfile between uses so it's not in a usable state by default? Or are they just full of shit?

>>59219192
isn't that the online shit that got hacked multiple times? the one that stores your passwords online for anyone to see?

I was gonna transfer over to keepass but I'm way too lazy. Been using LastPass for years and happy with it. Never had an issue so far.

>Muh safety
>Get a trojan with KL
>You acess your keepass
>Hacker gets all your passwords in a plate
Fuck gamestop

>>59223224
>But on the keepass site they say that obscurity of the keyfile isn't what matters, since people can just test every file on your computer, it's the obscurity of the contents.

I understand this reasoning but this is very unlikely unless your attacker has physical access in which case you are already fucked. Practically no one is going to have any success otherwise.

>are you supposed to alter the keyfile between uses so it's not in a usable state by default?

No, not that I have ever done. Really, having a passphrase and keyfile(s) is next to impossible to circumvent unless your computer is physically owned.

>>59223352
That makes more sense. Thanks.

No, because I am not a fucking mentally hilarious retard.

Every pass I have is unique and 30+ characters most times. (besides shit sites that have pass limits, in which case I have a micro-version of making passwords for those)

I only do 30~ because it is decent enough.
It'll still take 10 times my lifetime to brute force even with how I generated the passwords and a dictionary to brute the damn thing intelligently.

You people and your shit software.
No wonder you have bad memories, you rely too much on external storage.

File: 44564646.jpg (82KB, 1252x964px) Image search: [Google]

82KB, 1252x964px

>>59223464

>>59223512
>ha ha i used the epic fedorable mime wew

Enjoy your mental illness and fake security.
I bet you think the epic randomness of the digits improves security as well lmao

File: Shrekbeard.jpg (67KB, 353x334px) Image search: [Google]

67KB, 353x334px

>>59223963
>tfw photographic memory