• 4grams
      link
      fedilink
      English
      8
      edit-2
      10 months ago

      I had an identity theft a few years back, still cleaning up from it. At the time I had the typical set of standard passwords that I would use. I thought they were ok since they were pretty random but I had one for Financial, one for Web Services, etc. so of course when the creds leaked, I suddenly had a bunch of credit card bills I never signed up for…

      Since then, every password is unique, my default is 31 characters, and 2-factor for everything possible. Unfortunately I initially settled on LastPass, figured that they had hopefully learned their lesson from their breach years ago. Then it happened again recently and I moved to Bitwarden so that I can eventually migrate to a self-hosted solution.

      I’ve been trying to get my family on board for years but it’s still too complex. Non-technical folk still will take the path of least resistance, even when the dangers are right in front of their face. We need something better.

      • @[email protected]
        link
        fedilink
        English
        810 months ago

        Keepass is probably the most secure, but was a pain for multi device / multi OS users last time I used it.

        Currently I use Bitwarden. You can either use their backend or you can self host. Cross platform, multi device support, 2FA support.

        • @[email protected]
          link
          fedilink
          English
          410 months ago

          I use Keepass with Syncthing as the sync backend. Syncthing comes as a Docker container these days and sets up in seconds, I like how it doesn’t rely on a central server and gives you some redundancy.

          Also, Keepassxc is a rewrite with better integration, true cross platform support and more features, keepassxc.org

          • SkaveRat
            link
            fedilink
            English
            210 months ago

            They are okay, but I had massive problems with their browser plugin after a while and moved to bitwarden

          • @[email protected]
            link
            fedilink
            English
            110 months ago

            I don’t know much about them to be honest, and what little I have heard sounded like it was paid for. My knee jerk reaction is to avoid them. Maybe they’re decent, maybe not. Couldn’t say.