How do you securely back up your Keepass database? I create

I place copies on all of my drives. All of them aren't going to fail at the same time.
>I put it on Google drive
Retard.

>giving all your passwords to Google
>ever
Might as well have your passwords be the same as your username.

>>60968021
I sync my database on every cloud storage I have an account with and my key is kept on a flash drive on my keychain. I keep another one in my drawer and one on a cd I store in a case.

Got mine on a few different drives, on a usb stick and on my surface.

>>60968133
forgot to mention that I don't bother encrypting the database because without the key it's pointless to attempt gaining access unless you've got a quantum computer or keepass databases have been backdoored this whole time it's pointless.

>>60968021
>encrypting an already encrypted database

Good job, now the encryptions will cancel each other out.

Flashdrive is the way to go for me. That and a gpg double encrypted folder on mega. Each password has 256 bits of entropy.

>>60968021
I used to just keep it on my private NextCloud but then I migrated to https://www.passwordstore.org/

>>60968021
It's already encrypted, retard!
You could just as well upload it to a public site, and your passwords safe.

>>60968021
Pen and paper.

>>60968621
Pen and paper is the best. I need to make some backups, I would fucking kill myself if I lost all my passwords.

Who the fuck needs keepass
Did you not opt in for the hardwired memory chip or something? You should probably jack in you fucking moron LOL

File: IQ 1917.png (1MB, 1188x1736px) Image search: [Google]

1MB, 1188x1736px

>>60968621
>>60968923
>brainlets cant' memorize their passwords

>>60968021
I just moved to pass, much better so far

>>60969045
>passwordlet using passwords shorter than 64 randomized symbols, letters, and numbers.

>>60969106
Most sites don't let you go over 16 characters

>>60969135
Not worth using any site with such poor freedoms.

>>60969166
freedoms extend as far as you let them, self restraint is not freedom

What does /g/ use for 2FA?

>go and set up 2FA on all accounts that support it
>brick phone less than week later
>hadn't gotten around to backing up the back up codes
That one taught me a lesson.

File: 1337883498673.png (52KB, 212x175px) Image search: [Google]

52KB, 212x175px

>>60969243
yfw the only reason the fappening happened is because icloud account didn't lock you out after a few failed login attempts so you could brute force your way into any account.

File: IMG_4082.jpg (9KB, 174x165px) Image search: [Google]

9KB, 174x165px

>>60968021
I just use Apple's Notes, I have an encrypted note with all password hints for each service I use, the hint is just an incomplete password so I can remember, so only I still really know the complete one.

It's also on the icloud folder, so I have access to the note anywhere and am safe if the drive fails.

I trust Apple with my encrypted password hints, they are the most serious company on user privacy, and even if it "leaks", it's encrypted, and even if someone breaks the encryption, there's no complete passwords there.

>>60969289
sorry, deleted old post to add more info
No one knows how the fappening really happened, so it's probably social engineering.

>>60968021
I put the data base in encrypted flash drive and carry it with me when i need it or just plug it into my desktop to unencrypted and use synergy to paste any passcode to all my machines that need it

File: 1491939931425.jpg (19KB, 400x400px) Image search: [Google]

19KB, 400x400px

>>60969045
>CURRENT_YEAR
>Memorizing passwords
ISHYGDDT

>>60969106
Most sites won't even let you use passwords longer than 32

>>60968021
>2017
>using a password manager
What is wrong with you? Just use shaXXXsum.

>>60968021
If you decide to back it up somewhere insecure (which is perfectly fine, AES256 is robust) make sure you have a long and complex password. Including don't do something stupid like using a song lyric or something.

>>60969811
>trusting porn companies with your info

>>60969811
A hash is recognisable as a hash, and if someone finds your salt or your encoding scheme your entire system is broken.

>>60969877
Good luck with that.

>>60968021
I use the same as you, but I skip the cloud with Syncthing. My homeserver, phone, laptop and desktop won't fail at the same time

>>60969320
Trusting the botnet company that let the fappening happen, also
>trusting anything from America
>ever
It's like you want you stuff to be exposed

>>60969956
> botnet company
but that's Google anon

>>60969897
Yeah some luck is needed because what you're doing is security by obscurity. If your scheme say, became the most popular way passwords were handled, there would be decent password cracking scripts out there breaking your password.
Since you're just kicking the can along- the real security is with whatever you were hashing (and the salt) in the first plac.e

>>60969973
>password breaking scripts
>aka bruteforcing the SHA

File: IMG_20170619_154637.jpg (1MB, 5312x2988px) Image search: [Google]

1MB, 5312x2988px

using a 6th gen iPod nano is the best form of password backup, period.
>no wireless connectivity save for the radio, good luck exploiting this device through a fucking radio
>always on me, since you know, it's a functional watch
>who the fuck's gonna steal it? Even if they did, they'd need an old 30 pin connector, and be smart enough to look for a text file on the device (which you cant find through iTunes)
>no encryption necessary, although the text file only contains password hints so even if someone somehow accessed it it'd be useless to them

get on my level, /g/.

>>60969999
what is a rainbow table generated with the known parameters such as "four words seperated by a space" as featured in xkcd's comic?

>>60969999
They don't need to break SHA, idiot. They just need to run passwords through SHA ALA a hash table, for maximum speed.
Or they can run simple wordlists through it (say you use websitename--SHA-->Password) they'll just SHA the wordlist or whatever to get your password.
It's only worth it though if lots of people use it and so there are lots of people with weak pre-hashed passwords.

>>60970034
>>60970038
>implying my pre-SHA passwords aren't distinctive enough

File: yolo_hashtag.jpg (16KB, 600x350px) Image search: [Google]

16KB, 600x350px

We're all fucked once quantum computing becomes commonplace anyway.

>>60970034
Yeah, about that... How many possible pws is that?

>>60970136
even with like 20,000 words it's still only 20,000^4 which is FUCK ALL

>>60968332

Dafuq do you mean by "double encrypted"?

I use lastpass with autofill disabled (which just means 2 more button clicks for it to fill).

Every "security" issue lastpass has had has been with the autofill feature, so I don't trust it. Other than that, having unique 99 length passwords for 400+ items is pretty dope.

use the google 2fa thing on my phone for 2fa.

>>60970045
Then why not just use the distinctive pre-sha password?
My point is that the SHA does not add security against any reasonably intelligent attacker.

>>60970002
Are you challenging someone to hack your nano by radio signals? Cause I'm pretty sure someone could pull that off if they were paid.

>>60970521
I mean, it's probably "possible", but considering how it's such an unpopular model there's not even rockbox support yet, I'm quite confident in the security of this thing.