How do you geniuses handle all your passwords? People like pword managers but I have like 4 different OSes I use every day, and on top of that centralised pword management makes me nervous, upset, and crabby. What if I have to log in from some other system???
@will I am not a genius 😂, but I use a password manager (1Password). I will move them all next year to Keychain. As you can tell, I exclusively use macOS/iOS. But 1Password runs on macOS/iOS, Windows, and Android.
The four OS you use, are they all personal? My work provides us with Secret Server for everything related to it.
@will I’m exclusively on Linux and use KDE’s kwalletmanager5 for all my private stuff. On my work machine I use GNOME’s seahorse. Both password managers are not really to my liking, though. In fact, I think they suck. I came across pass (https://www.passwordstore.org/) one day and might move to that in the future. Haven’t found any time so far to dive deeper into that one.
@fastidious Yes they are all personal.
@will there are many password managers out there that will run multi platform, with datafile(s) saved on your own chosen location. Sadly, I have no experience with those.
As @lyse mentions, pass runs on the shell, and uses GnuPG. Running it on a secured VM could do the trick!
I also use pass and the newer slightly more modern gopass
Ah, nice! So it’s @prologic-approved. :-)
I have been using KeePass in various versions for many years. Keep the database file in my Dropbox and there are clients for all OS.
I use KeePass kdbx4 files. I use KeePassXC with browser plugin on Fedora, and Strongbox on iOS and macOS. I have them stored somewhere safe (duh 😂) and have a weekly backup running to two different locations.
Before that I was using vaultwarden, it’s a lighter version of bitwarden.
I’ve been using a combination of “one password for everything” (bad, I know) and a sh script to make strong passwords for stuff that matters, but I’ll probably switch to pass. The problem is we passed the point years ago where passwords that are secure (?) and meet the insane special character requirements are passwords I feel like typing out or even remembering. Kind of like I used to memorise my friends’ phone numbers as a kid but no more… that reminds me, I was recently able to log into my employer retirement account with just my birthdate and VOIP number 😂 💀
@will I self-host Vaultwarden, then point the various Bitwarden apps (or my browser, if that’s all that’s available) at it. Auto-fill functionality in general does the rest. 😊 I’ve only had one passphrase for years now, and any breach notifications I get are dealt with in seconds.
You can create an account on mine, if you want to try it out. 😁
The solutions already mentioned thus far are great. The one I personally use is KeePassXC, with the encrypted database file synchronized to my devices via Nextcloud but obviously you can use whatever file syncing method you please.
I never really used a password manager before doing this; I’m a total convert now though.
Just read this yarn again… My command line workflow is rubbish compared to many of you. 😆 Going to look at using the official Bitwarden command line client, and maybe some aliasing… Wonder whether I can use bw get password to seamlessly pass secrets to commands?
It doesn’t happen very often, mind; I use keychain to persist my SSH agent. Still… H’m. 🤔
@jlj I use pass show in shell pipelines myself 😉
@prologic Neat! I mean, really, I should be using HashiCorp’s Vault, to keep me sharp in the day job. ;-)
@will At work we are using KeePass with Multi Cert KeyProvider Plugin.
We leave the master password empty. Each person needs their own certificate to access the database file.
Not using a master password makes it easy to add or remove people with access w/o changing (and sharing) a master password.