|
https://www.youtube.com/watch?v=n5GzlOpf3KA
|
#
?
Feb 16, 2020 14:15
|
|
|
|
| # ? May 2, 2024 19:10 |
|
|
i put poo poo i don't care much about in my browser pass manager important poo poo goes into keep rear end
|
|
#
?
Feb 16, 2020 15:08
|
|
|
never store or autofill your email passwords, that poo poo is your weakest link right there
|
|
#
?
Feb 16, 2020 15:08
|
|
|
1password. it seems fine enough that im not gonna fuq with migrating on a whim.
|
|
#
?
Feb 16, 2020 17:19
|
|
|
lastpass fukkewn rules heeeeps
|
|
#
?
Feb 16, 2020 19:04
|
|
|
echinopsis posted:lastpass fukkewn rules this
|
|
#
?
Feb 16, 2020 21:17
|
|
|
keepass + nextcloud don't use a password manager that has browser integration
|
|
#
?
Feb 16, 2020 21:28
|
|
|
A notepad
|
|
#
?
Feb 16, 2020 21:36
|
|
|
keep rear end
|
|
#
?
Feb 16, 2020 21:54
|
|
|
I like lastpass, but I don’t use it. I like it because it’s such a gently caress up and causes panic all the time.
|
|
#
?
Feb 16, 2020 21:57
|
|
|
Bitwarden
|
|
#
?
Feb 16, 2020 22:32
|
|
|
Buttwarden after a while of using keep rear end and zxcpass
|
|
#
?
Feb 16, 2020 23:18
|
|
|
Cold on a Cob posted:i put poo poo i don't care much about in my browser pass manager this is the way
|
|
#
?
Feb 17, 2020 02:05
|
|
|
burning swine posted:don't use a password manager that has browser integration I presume you say this because on some level, an exploit could open up in the browser and in last pass at the same time and someone could access my passwords?
|
|
#
?
Feb 17, 2020 02:53
|
|
|
1password user checking in. I've been wary ever since they took a bunch of VC money last year, but the client quality seems to be holding up so far (and the clients are quite nice) just to make a point in favor of browser integration, it's not purely a matter of convenience, it also means the client can warn you if you're about to get phished by goog1e.com. but the attack surface is admittedly larger
|
|
#
?
Feb 17, 2020 07:36
|
|
|
dashlane has still been my manager of choice, but I memorize my primarily email address and don't keep that in it. I'm thinking of maybe transitioning out a few of the more sensitive ones to keepass + google drive or something.
|
|
#
?
Feb 17, 2020 08:15
|
|
|
just use a brainwallet, op
|
|
#
?
Feb 17, 2020 08:34
|
|
|
Intergalactic planetary planetary intergalactic!
|
|
#
?
Feb 17, 2020 08:44
|
|
|
Progressive JPEG posted:I used 1pass for a couple years until realizing that using it via a browser extension is a bad idea and risks e.g. a flaw in the browser or extension quickly leading to arbitrary websites seeing everything in it 1Password X seems to be completely fine. Unless you autofill something you shouldn't, there's really no way for a webpage to ever see anything in it. https://support.1password.com/1password-x-security/
|
|
#
?
Feb 18, 2020 00:45
|
|
|
Progressive JPEG posted:I used 1pass for a couple years until realizing that using it via a browser extension is a bad idea and risks e.g. a flaw in the browser or extension quickly leading to arbitrary websites seeing everything in it does bitkeeper mean bitwarden? or keeper? if bitwarden then since it’s electron it’s also stored in a browser 
|
|
#
?
Feb 18, 2020 00:47
|
|
|
i do not trust browser autofill extensions. only safari + icloud keychain if that counts.
|
|
#
?
Feb 18, 2020 02:31
|
|
|
Last Chance posted:i do not trust browser autofill extensions. only safari + icloud keychain if that counts. this for mobile but also it pulls from 1password as well. i appreciate when it hops into 1p to select and it also adds the otp to the clipboard for the next screen i switched to the sub when i realized keeping devices across several platforms on maintained clients exceeded the annual rate even if i bought on sale and in bundles
|
|
#
?
Feb 18, 2020 02:46
|
|
|
Buff Hardback posted:1Password X seems to be completely fine. Unless you autofill something you shouldn't, there's really no way for a webpage to ever see anything in it. it’s effectively dependent on browser sandboxing working perfectly and that historically has not been the case to put it mildly better to just keep the software that holds all the keys separate from the software that handles all the untrusted data Vomik posted:does bitkeeper mean bitwarden? or keeper? whoops yeah, edited yeah it’s not great but I figure the trade off is acceptable since: - it’s a separate process from the main browser - I only open it when actually retrieving something, as opposed to a browser add on that would always be present
|
|
#
?
Feb 18, 2020 23:23
|
|
|
Notes in Outlook - it's encrypted!
|
|
#
?
Feb 19, 2020 05:32
|
|
|
1password that’s not the manager i use, but my password for everything. it’s so convenient.
|
|
#
?
Feb 19, 2020 19:30
|
|
|
op I just use the only pw manager given to me by god: my enormous brain
|
|
#
?
Feb 19, 2020 20:11
|
|
|
passwords are stored in the balls
|
|
#
?
Feb 20, 2020 19:19
|
|
|
lastpass with browser integration what’s actually hugely disturbing tho is how my ex managed to buy some poo poo from a print shop with my paypal. it was an accident and she paid me back, but what’s amazing is that she did it last year which at the time was perhaps understandable as it may have still been logged in etc, but since then i changed the password on my paypal and last pass so presumably there was no possible way for her to do it (choose my paypal over hers) unless it was just left logged in it’s disturbing to me how little security paypal seems to have when you dive in. like google lets you see all open sessions etc and close them, same with facebook. but paypal? i find no way to do anything like that, just most options to make logging in quicker
|
|
#
?
Feb 21, 2020 00:48
|
|
|
more like... assword manager
|
|
#
?
Feb 21, 2020 00:50
|
|
|
Asleep Style posted:more like... assword manager OH HO HO HO You said rear end!
|
|
#
?
Feb 21, 2020 07:47
|
|
|
Neslepaks posted:i use pass. no browser integration because i dont trust browsers
|
|
#
?
Feb 21, 2020 16:18
|
|
|
so whats the difference in the security model etc that makes 1password preferable over lastpass? they both seem to come from similar origins and have similar functionality, is it just a matter of vulnerability track record?
|
|
#
?
Feb 25, 2020 06:44
|
|
|
Trimson Grondag 3 posted:so whats the difference in the security model etc that makes 1password preferable over lastpass? they both seem to come from similar origins and have similar functionality, is it just a matter of vulnerability track record? afaik 1Password has never been compromised (don't quote me on this i don't wanna be a secfuck) vs. lastpass's like 2. additionally, lastpass has the ability to reset your password using weird one time password things. i don't want that. if i get hosed i want it to be irrecoverable. 1Password has the secret key which tacks on another 128 bits of entropy, plus smaller company means generally more responsive w.r.t. support. 1password doesn't make weird false claims about 2fa like lastpass does, where 2fa doesn't allow for decryption of secrets, so there's no real point in offering 2fa on every vault unlock since it's just proving who you say you are, not that you have the master password to unlock the vault. this is a common complaint i see on the 1password forums "waaaaa i want to be prompted for 2fa every single time i unlock my vault"
|
|
#
?
Feb 25, 2020 06:55
|
|
|
1passwird creates a local database and can use cloud services like dropbox to share them around lasspass is pure cloud based and it’s their server so super convenient I THINK 1passwors now has their own servers? both use top shelf encryption and encourage very strong behaviour I appreciate that lass pass let’s me be slack tho so i can use touch id to open it and it’s fast and works so well
|
|
#
?
Feb 25, 2020 06:56
|
|
|
convenience over security imo
|
|
#
?
Feb 25, 2020 06:57
|
|
|
1Password moved off of third party repo hosting to offering their own storage both to not have to deal with supporting multiple providers (Dropbox, iCloud) and Dropbox making things a bit tougher for them iirc
|
|
#
?
Feb 25, 2020 06:59
|
|
|
shame there is no middle ground between free and 1password like 20 a year? yep for sure
|
|
#
?
Feb 25, 2020 07:34
|
|
|
lastpass had a thing once where attackers could gain access to your vault by you visiting a web page
|
|
#
?
Feb 25, 2020 09:47
|
|
|
that feeling when you never visited a page
|
|
#
?
Feb 25, 2020 10:18
|
|
|
|
| # ? May 2, 2024 19:10 |
|
|
I have moved everything to Bitwarden, it is open source and audited and cool stuff.
|
|
#
?
Feb 25, 2020 15:05
|
|