how2-manage-passwords/src/script.md
adam 088fca16fb
wording updates
2025-04-28 15:28:23 -04:00

how2-manage-passwords

I've been saying for years to anyone who will listen, get a password manager.

alternative, inferior solutions

You could pay a service like NordPass or LastPass or whatever.

pros:

  • someone else keeps a server running for you. Meaning they worry about hardware, electricity, bandwidth.
  • that other party hopefully has offsite backups, in case of some kind of natural disaster.

cons: [note] which, for once, is only fair.

  • if their upkeep means they're never done paying, there's no way you're not on the infinite payment model as well.
  • as long as they have all this data on what sites you consider important, and the frequency with which you visit them... what, are they going to not sell that data to advertisers?
  • there was that one time LastPass raised their price and "coincidentally" "accidentally" found that their export function broke. which is partly the price point again, partly just some intolerable shenanigans.

Welcome the KeePassiah

KeePass is free and open source. OSI certified, uses state-of-the-art encryption, plays well with others. amazing. [Great Thing stamp over KeePass logo]

There's one flaw. [note] which is bad. Most people have been trained that their cellphone is the nexus of their security and identity. KeePass exists where Mono does - that is, Windows, Linux, and Mac. So if you're watching this [is that David Finch? the director] on your fkn telephone! on mobile you'll want KeePassDX.

installed? great. make a new "database". give it a really good password - it'll even help you generate one. This is the one you rehearse and memorize and practice. For god's sake don't write it on a note stuck to your monitor. Please. I'm begging you.

Great. Easy. Store all your passwords. You can also "set up 2-factor". Much like Google Authenticator, except you get to decide which device is standing in for the "something you have" factor. [note] or more stuff. or less. whatever you want, i'm not your real dad. an "entry" is one account, a username/password combo. a "group" is a folder of those.

extra features on desktop

if you're on a real operating system, you'll probably want 2 more features:

first, browser integration. [note] I'm on KeePassXC, i assume o.g. KeePass is the same [note] RIP to anyone whose employer likes Microsoft, being forced to use Edge. click the cog to go to settings. scroll the left menu to find browser integration. Check to enable. check to enable Tor Browser, check to enable Firefox, check to enable any of the inferior junk (if you partake).

Since LibreWolf is new, we'll jump through a few hoops. [//TODO: rest of librewolf procedure]

[note] And I mean global, burn this into yourself across all your devices. Second: learn a new global hotkey. Cog for options, go to general, click Auto-Type. I use ctrl+alt+v. I use a typing delay of 25ms, any faster than that and I find some stuff can't keep up.

You probably want it to start automatically on startup, start minimized, and minimize instead of exit. You'll definitely want it to automatically lock the database after some delay, and if you're on a laptop you'll want it to lock the database when the lid is closed.

multi-track drifting

what if instead of the mobile path or the desktop path, you have both? Fortunately, KeePass databases are [heavenly chorus] a file. So you are allowed to back them up and sync them the same as any other file.

I use Syncthing. It's great for syncing moderate amounts of things, fairly quickly. On Windows you want SyncTrayzor - which is just Syncthing and a tray app to start with Windows. Make a folder, put your password db in that, add your other device, share the folder, and voila. now you can also add Syncthing to your NAS box, if you're so lucky.

or maybe instead of Syncthing, Google Drive. Or this episode's sponsor,

nah i'm kidding, not sponsored by anyone.
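
Added example, not part of the original script: once the database lives in a Syncthing folder, two things can go wrong quietly. An edit on both devices leaves a `.sync-conflict-` copy that needs a manual merge, and an interrupted copy leaves a file that no longer starts with the KDBX header. This sketch checks a folder for both; the function names and the sample files are made up for illustration.

```python
import re
import struct
import tempfile
from pathlib import Path

# KDBX files (KeePass 2.x, KeePassXC, KeePassDX) start with two fixed
# little-endian 32-bit signatures, then the minor and major format version.
KDBX_SIG1 = 0x9AA2D903
KDBX_SIG2 = 0xB54BFB67
# Syncthing renames the losing side of a conflicting edit to
# <name>.sync-conflict-<date>-<time>-<device>.<ext>
CONFLICT_RE = re.compile(r"\.sync-conflict-\d{8}-\d{6}-[A-Z0-9]+\.kdbx$")


def kdbx_version(path):
    """Return (major, minor) if the file has a KDBX header, else None."""
    with open(path, "rb") as fh:
        head = fh.read(12)
    if len(head) < 12:
        return None  # truncated, e.g. an interrupted copy
    sig1, sig2, minor, major = struct.unpack("<IIHH", head)
    if (sig1, sig2) != (KDBX_SIG1, KDBX_SIG2):
        return None
    return major, minor


def audit_vault_folder(folder):
    """Classify every .kdbx file in a synced folder (hypothetical helper)."""
    report = {"ok": {}, "conflicts": [], "damaged": []}
    for path in sorted(Path(folder).glob("*.kdbx")):
        if CONFLICT_RE.search(path.name):
            report["conflicts"].append(path.name)  # merge by hand, then delete
        elif (version := kdbx_version(path)) is None:
            report["damaged"].append(path.name)    # restore from a backup
        else:
            report["ok"][path.name] = version
    return report


def demo():
    """Run the audit over constructed sample files (headers only, no real vault)."""
    header = struct.pack("<IIHH", KDBX_SIG1, KDBX_SIG2, 0, 4) + b"\x00" * 32
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "vault.kdbx").write_bytes(header)
        (root / "vault.sync-conflict-20250428-152823-ABC1234.kdbx").write_bytes(header)
        (root / "old.kdbx").write_bytes(b"\x03\xd9")  # constructed truncated copy
        return audit_vault_folder(root)
```

Point `audit_vault_folder` at your own synced folder; anything under `conflicts` holds entries that exist on only one device until you merge it.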