• Brayd
      link
      fedilink
      English
      431 year ago

      A good alternative to Bitwarden is KeePass/KeepassXC btw

      • @protput
        link
        English
        321 year ago

        A good alternative to keepass is a self hosted vaultwarden btw. (compiled from bitwardens opensource code iirc)

        • @[email protected]
          link
          fedilink
          English
          61 year ago

          Vaultwarden is not compiled from Bitwarden’s code, it’s a separate project and codebase but designed to be compatible with Bitwarden’s API.

          Bitwarden is open source and you can self-host it but IIRC it’s a bit more complex and resource-hungry than Vaultwarden.

          • @[email protected]
            link
            fedilink
            English
            7
            edit-2
            1 year ago

            They have totally different design goals which is why Bitwarden is more resource-hungry and more complex to deploy. Bitwarden can scale up to large use cases such as companies with hundreds of thousands of employees (it’s what they run on the hosted version, after all), whereas Vaultwarden is designed to be small and light for home use cases where you almost always have <10 users total.

        • Brayd
          link
          fedilink
          English
          61 year ago

          I agree. But I think is much easier for people to use KeePass compared to self hosting Vaultwarden

        • @Concept1037
          link
          English
          11 year ago

          I agree, I do this and it works great.

        • @MigratingtoLemmy
          link
          English
          -51 year ago

          Nothing can beat passwords written on paper though

            • @MigratingtoLemmy
              link
              English
              41 year ago

              I was talking about digital espionage, assuming one is not stupid enough to record their offline passwords digitally

            • Dandroid
              link
              fedilink
              English
              21 year ago

              But rock beats scissors. What if paper has an alliance with rock to be protected from scissors in return for paper not covering rock?

          • @[email protected]
            link
            fedilink
            English
            71 year ago

            Physical access can. Indentations on the below page can. Fire and moisture can. Someone looking over your shoulder can.

      • @[email protected]
        link
        fedilink
        English
        4
        edit-2
        1 year ago

        I found keepassium for the work phone and I was in love that I could keep a separate db with my OTPs under a password and backed up.

        Then I left that job and had to split my OTPs. Vanilla keepass for droid will gives me the OTP values for gitlab etc, so it’s good there, but Vanilla keepassium for Android has no camera/QR->OTP input that I have yet, one that works like keepassium does and is all compatible down the line. I’d love to keep using it to maintain the existing separate keepass OTP db I have.

        Do you (or anyone) know of a good combo for droid that gets

        • keepass
        • backup to box/gdoc/etc
        • qr for OTP

        In one final package? Does XC do it in a way we think may be compatible?

        • @Futurama
          link
          English
          11 year ago

          Keepass2Android does all that on android. It natively supports Dropbox, google drive, one drive, nextcloud, pcloud, and mega, plus you can use WebDAV or sftp. When editing an entry, the totp setup has the ability to scan qr codes with the camera. Plus, the whole thing is free and open source.

          They even have a package on F-Droid, though that build lacks the built-in support for cloud syncing (due to F-Droid restrictions prohibiting binaries, I think).

          I’ve used this app for years on android, paired with various cloud sync options as providers change their restrictions and capabilities. On desktop, I use keepassxc.

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        Hm i switched from KeePass to Bitwarden because the latter lets me use my passwords on multiple devices and as a Firefox extension that enters my credentials at a shortcut.

        Can you elaborate why you think KeePass is better?

        • Brayd
          link
          fedilink
          English
          41 year ago

          I think it’s more flexible. Also, due to the databases just being normal files you can sync them with syncthing between your devices.

          In my case I run a NAS at home on which they’re stored so I don’t need to sync them. I just open them directly from the NAS.

        • Celediel
          link
          fedilink
          English
          11 year ago

          I do all of that with Keepass, for what it’s worth.

    • @[email protected]
      link
      fedilink
      English
      81 year ago

      Is this really that useful though?

      I pretty much just assume that I’m getting pwned regularly.

      Obviously the password manager advice is very useful.

      • tool
        link
        fedilink
        English
        14
        edit-2
        1 year ago

        Is this really that useful though?

        It’s very useful if you don’t use a password manager and/or reuse passwords.

        The most useful part about it to me is the API. You can tie it in to Active Directory to blacklist all hashes that appear in any breach, plus expire/force a password change if any user on your domain uses a password that has been in a breach. It completely eliminates that vector from threat actors immediately.

        So yeah, I would call this intensely useful.

        • @[email protected]
          link
          fedilink
          English
          71 year ago

          The most useful part about it to me is the API. You can tie it in to Active Directory

          This trick alone makes my Lemmy addiction pay off. Thanks for even suggesting such magic is possible. Adding that as a task after my samba-AD rebuild this very f’n week.

    • Shadow
      link
      fedilink
      English
      6
      edit-2
      1 year ago

      So who has the highest score? I’ve got 21 on my OG email and 13 on my primary 🤣

      • cazool
        link
        fedilink
        English
        21 year ago

        30 on my OG and what use to be my primary up until a year ago.

    • @linux_user_6967
      link
      English
      41 year ago

      and if my Email is part of any kind of breach, is thier something else I should do beside changing my password ?

      PS: I do have 2FA activated already

      • Shadow
        link
        fedilink
        English
        71 year ago

        Use a unique password for everything. I recommend bitwarden