Trustworthy Password Managers

WildEagle

Tatooine, Sat, 07 Dec 2019 11:58:37 -0800

When I first was introduced to password managers, I thought it was very useful and cool, but I never wanted to use any of them because to use them is to blindly trust their code, servers, databases, and encryptions. Their code is hidden and can't be independently verified.

What is a password manager?
A password manager helps you keep track of passwords, when they need to be changed, helps generate strong random new passwords, and to be truely useful, they can type in passwords for you so you don't have to copy and past or copy character by character by hand. There is a lot more password managers can do depending on which one you use.

Without a password manager there is no way to remember all your passwords unless you use the same passwords for everything or write them down which are both extreemly risky. I did this by creating an encrypted file that I put all my passwords in.

Anyway, I finally took the time to research the various password managers out there to see if there was one I could trust. I found 2: KeePass and BitWarden. Both use open source code which is important to validate the security and encryption. If you are not paranoid about security like me, then BitWarden provides the more convenient solution while still being secure even though you use their server to store all your passwords. KeePass is just an application that stores the passwords locally on your device which adds aditional protections to keep them from falling into the wrong hands in case there is an exploit in the file that could reveal your passwords.

To use KeePass, I recomend using https://keepassxc.org/ as the application. Create your password database file and use your most secure old password until you have an oportunity to replace the password with a new secure password that you will never use for anything else. If you need step by step instructions for KeePass, there are many online, but first go to keepassxc.org. They should have some on how to use their software. If you can't figure it out, let me know so I can help you.

Artim

Mon, 18 Oct 2021 02:29:50 -0700 from ActivityPub

@wildeagle5 Disroot dumped Diaspora in favor of Hubzilla. But their e-mail service has been as reliable as ever.

WildEagle

Dagoba, Mon, 18 Oct 2021 16:04:59 -0700

@Artim Not trying to sound rude, but I do find this funny, so I hope you appreciate the humor as well. Each time you use a new system, I just follow you from my personal hubzilla server (including blog, 1st diaspora, 2nd diaspora, and now mastodon). I do love hubzilla, but the UI is not easy for begginers, and it has performance issues for big servers like disroot. My personal server works well for me.

For the record, I think you picked an awesome mastodon server to use. As for email, I like and love disroot, protonmail, and lavabit. Lavabit is my email of choice.

Artim

Mon, 18 Oct 2021 16:46:18 -0700 from ActivityPub

@wildeagle5 I thought the address was familiar! I'm glad we found each other again. Diaspora SUCKS - not the software, but the woke bullshit that has taken over. If I ever use Diaspora again it will be to run a private pod for friends and family.