Are you guys THAT RETARDED?

>>60388600

Yes. Next question, please.

I use KeePass and I use VeraCrypt but only against physical thieves.

>>60388600
Well at one job I had all the passwords were kept on a encrypted file system. You had to mount it with a huge password and it would only stay mounted for a few minutes. No the best system in the world but with no budget to buy a commercial password management system it was decent. I replaced it with keypass when I was in charge and eventually it was consolidated with other teams stuff into some commercial windows based tool, can't remember the name but it had two factor auth and rbac, so obviously superior.

File: 1456792752488.png (531KB, 2992x2992px) Image search: [Google]

531KB, 2992x2992px

>>60388600
Yessu

Yes sir

purple

I can't be that retarded, at least I'm not some Android phonefag with some shit kerning.

I just use Pass. It respects my freedoms.
https://www.passwordstore.org

>>60388600
I have a script that generates the password on the fly using the domain as seed, but I memorized the rules to generate the passwords so I can build them from memory if needed. Best solution tbqh

>>60389743
That's pretty cool! What software do you use?

File: 1464727760284.png (61KB, 640x312px) Image search: [Google]

61KB, 640x312px

>>60390333
It's a python script which takes as input the domain and replaces some letters with another sequence (e.g. s becomes $, obviously not that simply), then appends my master password to the string.
This way it's difficult to perform automated analysis and even if someone actively looked at the password he'd need to know all possible replacements in order to access somewhere else.

>>60392315
I assume you also hash the result of the script?

>>60388600
At least I'm not THIS retarded:
>"fuck i lost the private key to my server what do i do"
>go to server site
>login physically
>temporarily enable remote password login
>"fuck i can't get on the wifi here what do i do"
>turn on hotspot
>ssh to server and login with password
>on hotspot
>download server copy of private key
>over
>fucking
>hotspot
>"hooray now everything is very secure"
>get wanacrypted 2 days later

>>60392426
I can actually relate to this.

Just use lastpass

>>60388600
Leave it to paranoid bastards to not realize that double encryption doesn't help you at all.

>>60392426
Why would you save a copy of your private key on the server?
There's no fucking point. That's highly insecure in a multi-user environment.
Just make a new private key and add the public key to the authorized ssh list.

How many people here have actually taken security courses or read foundational material on security?

>>60392898
The private key is obviously not stored in the server. Asymmetric crypto. Ever heard of it?

>>60392898
That was one of the several points I was making.

>>60388600
Absolutely.
Except I go even further and have full disk encryption plus boot plus a script on the rootfs that compares the bootloader efi stub checksum.