How often should one change their keepassx database master password?

one should not store all their passwords in a single point of failure

>>60075928
OK, how do you keep track of all your passwords?

>>60076099
He probably uses Chrome Autofill.
>laughing_girls.jpg

>>60076099
im not a moron

I have over 80 accounts/passwords and I know there are people with hundreds. IDK how people live without password managers.

>>60076120
Yes you are. You could have an accident and lose access to the part of your brain that memorized the passwords.

>>60075902
Be like Bruce Schneier and use his Password Safe software on Windows. He uses Windows, too. No joke. Both are good.

>>60076150
they use 1 pass for everything.

>>60077854
Probably something like 1968.

>>60075902
I access my keepass with a keyfile that i have stored on an SD card

+

master password that i change every 3 months

>>60076120
so there are 3 scenarios here:

1: you use the same password for all accounts
>retard

2: you use extremely easy to crack/remember passwords
>retard

3: you are able to remember >30 complex passphrases
>respect

>>60075902
I have a 50+ character master pass that I copy paste but can remember. Am I retarded?

>>60078431
>that I copy paste
From where?

File: 1491764016722.png (192KB, 711x633px) Image search: [Google]

192KB, 711x633px

>>60078517
A certain page on a certain website.

File: onegai.png (384KB, 1024x768px) Image search: [Google]

384KB, 1024x768px

>>60075928
But it's not anon

The database is on a fully encrypted disk, and backups are made regularly (also to an encrypted disk)

Where's the single point of failure?

>>60078539
>>60078517
Yes, you are retarded.

>>60075928
You enter most of your passwords from your computer, don't you? It's already a single point of failure (keylogger)

>open source passwords

top laff

>>60078589
idiot

>>60075902
every 30 days at the most

>>60078545
>encrypted disk
Why? The database itself is encrypted.

>>60078649
1) no longer a single point of failure
2) the entire os is encrypted anyway, duh

>>60078545
>database is on a fully encrypted disk
there's your single point of failure. someone somehow gets that single database open, and your whole infrastructure is jeopartized.

>>60078733
OK, and how do they get their hands on it in the first place?

>>60078893
they hack you, man
your backdoor is wide open

>>60078972
Not using Windows
Also don't forget the database itself is encrypted

I use passages from books in my library with bookmarks for each password. My favorite passages are also committed to memory.

>>60078420
i use an easy password but it's still more secure because it's 2 factor auth :)

>>60079005
This but video games.

Every 3 or 4 days.
Also, don't write it anywhere. Are you scared, you brainlet pussy?

How to properly use a password manager:
1. Use a long-ass password.
2. Don't store your passwords for your main email addresses in it
3. Use a local system like keepass.

Your main email address is tied to a million different 'password recovery' functions, so it's best to not put that in a manager. Your email password pretty much is a password manager anyway considering that if someone has that one password they can then just get all of your accounts anyway.

>>60075902
... You're supposed to change it?

just keep it in a place that's only accessible to you then it doesn't matter

>>60076166
The database master password would also be lost, unless you provide additional means of retrieving it.

>>60081317
so what you're saying is that just having to memorize one super complex password is better than a bunch of similar shitty entropy passwords?

File: 1492847912609.gif (136KB, 500x500px) Image search: [Google]

136KB, 500x500px

>Not using two factor to protect your opasswords

>>60081641
I said no such thing, it was just an invalid argument on his side

File: image.jpg (23KB, 500x318px) Image search: [Google]

23KB, 500x318px

>>60076099
Fucking remember them. And if not that then just write them down autist.

>>60075902
every night

I use pen and paper

Most secure shit ever

>>60076150
by only using like two or three passwords

It's always surprising at work to see the panic people get into when our system doesnt let them reuse old passwords and they can't figure out something else to use.

I can't imagine properly managing 300+ accounts without one.

>>60083961
>2017
>using the same password on more than one site
Shiggy, i know you do

>>60078990
If they get your master password, you lose everything. That's your single point of failure.

>make up a short story (60-120 characters)
>fuck up grammar, add spelling errors, special characters, etc
>profit?

>>60076150
They are brainlets that use 1 password for everything and come to shitpost on /g/ with le pen and paper meme.

How probable is for blackhats/NSA to be posting here about using only one password and not a password manager?

I mean, there is people here obviously trying to trick gullible anons.