• Agent641@lemmy.world
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    1 year ago

    I’ve actually come up with a way to have a complex and unique password for each service which is also resilient againt forced password changes, doenst require a password manager, and if Im being tortured I still wont be able to tell them what it is because I dont know it unless Im at the login screen. If the service changes the layout of their login screen though, Im fucked.

        • ours@lemmy.world
          link
          fedilink
          English
          arrow-up
          15
          ·
          1 year ago

          If they change/rebrand the login he’s screwed. Just use a password manager people.

          • TheBERFA@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            I’ve been thinking of starting to use one more and more, is there any you would recommend? Are all the good ones a paid service? And my biggest concern is someone getting into the password manager itself, is that something that I should worry about?

            • JustARegularNerd@aussie.zone
              link
              fedilink
              English
              arrow-up
              5
              ·
              edit-2
              1 year ago

              I’ll second the other comment suggesting KeePass, but the biggest issue I had with it was syncing the database across devices. Ultimately I stored it in OneDrive, but it occurred to me that at that point it wasn’t much different to a cloud password manager, which I especially didn’t trust.

              I now self host a Vaultwarden instance from my Raspberry Pi, and that works perfectly for me, but it does require a bit of Linux experience and a spare device to run the server.

              • itslilith@lemmy.blahaj.zone
                link
                fedilink
                arrow-up
                2
                ·
                1 year ago

                I’m using KeepassXC and sync with Syncthing (which is P2P), and I’m quite happy with it. Seems like you got your setup figured out, but this is a bit simpler for someone looking into password managers

                KeepassXC also has a great browser integration c:

            • ours@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              edit-2
              1 year ago

              I don’t trust a service for my passwords so I’d rather trust an open-source software.

              Try KeePass, it runs both on a PC as well as a phone so just carry your encrypted passwords with you.

              Edit: And passwords aren’t enough, use multi-factor for services that offer it. Preferably via an app instead of SMS.

            • Zink@programming.dev
              link
              fedilink
              arrow-up
              3
              ·
              1 year ago

              Bitwarden has been working well for me, and it’s open source and free to use. I started using it when it was clear that using LastPass was not a long term solution.

            • qqq@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              1Password is a solid service if you’re OK with the proprietary aspect. I use it personally and we use it at work (I’m an infosec consultant)