What is unironically the best way to store your passwords? I

>>61580273
i've got a couple of friends using `pass` that seem to like it. I don't know enough about it to know how secure it is. they mentioned something about the files being retrieval from the FS, this could probably be mitigated with a yubikey or some sort of ephemeral storage.

I was going to try it out--I liked the concept and the main contributor's website is 1337 as fuck

>>61580273
I use KeePass but now this thread is giving me doubts.

>>61580273
Try shoving those passwords up your anus

>>61580332
I also use KeePass, where is the doubt you speak of?

>>61580273
i've got a zsh alias that generates a random string with the usual password character requirements and some other aliases that put them into a gpg .asc file and take them back out when I need them

Keepass

>>61580273
I use Keepass on Windows/Debian and KeepassDroid on Android.

>>61580299
I keep my password store and other keys in a Tomb which is a LUKS encrypted device. It automounts to appropriate locations when the Tomb is opened and mounted

>>61580395
doubts are gone now
do you know how to setup autotype for google accounts? nothing I found worked

>>61580462
are you using this with pass? if so that's a good idea that would address the concern I mentioned about the files being retrievable from the host fs

>>61580464
KeePass's autotype requires it to be manually called (default global is Ctrl+Alt+A or Ctrl+V for select entry from the database, will request to unlock, then find matches that you've defined or try to match to entry names).

If there are multiple matches it lets you pick which one to use.
Basically you'll need to get auto-type to recognize the account login page for several, then you pick what you want.

File: 2017-07-26_19-42-46.webm (271KB, 682x438px) Image search: [Google]

271KB, 682x438px

>>61580464
>>61580531
For web browsers, you can usually match by window (tab) title. There are helper extensions that can add the url to the title or integrate keepass directly.

The default autotype is

{USERNAME}{TAB}{PASSWORD}{ENTER}

which is what you see happening here.

>>61580370
the proper term is to "KEISTER", young man.

whats wrong with saving all your passes in a notepad saved to docs or something? heck why not leave it on the desktop all willy nilly

>>61580508
this
pass is the best pw manager

>>61580872
well looks like I definitely have to try it out. Before I do though you need to tell me if you're a consultant at a small start up for a cloud provider because if you are bro get off 4chan this is my safe space from everybody at work

>>61580893
I work at a networking startup so nah

>>61581103
phew

>>61580273
Typewriter. If you store passwords on a machine that's not permanently airgapped you're a braindead millennial.

>>61581139
>braindead millennial
is this a roleplaying board now?

Encrypted .txt file

>>61581168
This.


It's simple. You can also write a custom script to extract the ones you need using fzf and such.

Pick a key value store nosql server for multi user sessions

>>61580273
Keepass X on Linux.

I use LastPass but your idea sounds pretty cool with the reconnected phone. I might write them down somewhere and keep it as a notebook or use KeePass.

>>61580273
sticky notes + sharpie

If your browser also saves your passwords, "for convenience", you're doing it wrong.

If, i.e. in Firefox, you set a "master password" to grant entry to its password database you're putting the cart before the horse.

>>61580273
you only need to remember one password: the password to the encrypted basic text file that keeps all your passwords.

Method of encryption is your choice.

>>61580847
Thank you for educating me, mister. I'll try to remember next time.

I just remember mine...

I do keep a text file with cryptic patterns on how to reconstruct them if I forget though.

>>61580273
If it becomes inconvenient, you have too many passwords.

>>61584904
If you don't have "too many" passwords you're either reusing them (or perhaps a homemade algorithm) or you have so few accounts where it's not a burden to begin with.

>>61584925
>or you have so few accounts where it's not a burden to begin with.
this is my thesis

File: images?q=tbn:ANd9GcQu1PGHUWRliCcWgtXZTCUwfbEMXDbb3CxMdIcAzDLNcWtOA2mG.jpg (6KB, 219x230px) Image search: [Google]

6KB, 219x230px

>>61580273

File: 1492239724821.jpg (44KB, 529x502px) Image search: [Google]

44KB, 529x502px

>>61580273
Remember them?
I generate random ones for accounts that don't matter though.

>>61580273
use keepass ya dumn fuck

encrypted gpg file that I cant seamlessly view/edit with vim with the gnupg.vim plugin

>>61586913
can*

I've created a encryption program, then I encrypted all my strings and stored them somewhere.

Never got around to decrypting though.

>>61580273
notepad

I have a small tablet that can only be accessed with fingerprint scanner. It's inside a safe and only I know the combination. The safe is inside a locker at the US postal service office.

Sure it takes an extra 3 hours before I can log into my Facebook account but it's worth it knowing I'm secure.

>>61580273
Tsubasa is cute!