Bitwarden, been using it for 3yrs
I’ve been using gopass+Yubikey for years, with gopass syncing to a remote git repository. Works great on my phone too with Open Keychain+Password Store. I’m really happy with it, but do realize it doesn’t fit into most people’s workflow.
Put my wife on bitwarden though, and she’s pleased with it. At some point I’ll migrate her over to a self-hosted variant with Vaultwarden, but that’s mostly because I prefer to have services in-house, not because either of us are dissatisfied with BW.
Quick question - any issue with just saving passwords on Firefox? I use FF across all my devices and the sync between them without the need of an extra app is super convenient.
Or am I just being naive?
On Desktop you should set a Primary Password, then it is very secure.
https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas
Hope they’re encrypted/hashed at least
I have used KeePassXC for years, but lately I’m having problems connecting it. I use it only offline and the Firefox plugin doesn’t work very well. It has many options, too many in my opinion. I don’t like having my passwords in a company’s cloud. Self-hosting is the solution, but I don’t have to know
I use KeePass and keep it synced with self hosting Nextcloud. I get the appeal of bitwarden, but I’m really trying to get off other people’s computers.
Bitwarden with the self hosted vaultwarden server then, that way you get the nice bitwarden experience, apps, browser plugins, but all hosted on your own hardware. I run my vaultwarden server on my synology.
Vaultwarden can be easily hosted for free
You can host Bitwarden. It’s open source. I do it myself.
Now the open source version is called vaultwarden
KeePass for me for the same reason.
Syncthing is another good cloud-free option.
Bitwarden, been using it since 2021
Bitwarden. Tried Proton Pass but ultimately stuck with Bitwarden.
It has been my password manager of choice for quite some time and I didn’t see any reason to change.
Bitwarden gang
Your homegrown script opening a gpg encrypted file in runtimedir in a text editor.
15 years ago the common logic was the most likely way for a password to get stolen is by writing it down and leaving it in an accessible spot, and somebody stealing the password there.
I don’t think that logic holds anymore, and with the LastPass breach I think that’s proof you want to step away from the cloud not towards it. Imo the most secure way to store passwords is to generate multiple random codes, use a portion of each and then just write those down.
You can also use a password manager that’s not connected to a cloud. Or an encrypted USB stick. The problem with writing it on paper is that people tend to use too short passwords or repeated passphrases. Using a really long master key and a key file with an encrypted database is safer than a cloud.
USB sticks corrupt damn easily. Even faster carrying them around. Learnt that the hard way.
Or does anyone know about a USB stick that is practically immortal, that they can recommend?
NVMe SSD in a carry USB adapter. It’s as reliable as a regular SSD, but it’s way more portable and durable than commercial external HDDs. A little bigger than USB flash drives but worth the tradeoff. Wouldn’t use it as the only backup place for a password DB file but for carrying around it’s pretty good.
15 years ago you had to worry about the people around you. Now you have billions of bots trying to force shit all the time.
+1 for Bitwarden.
Plus, it’s ridiculously easy to self-host with Vaultwarden.
Self-hosted Bitwarden works like a charm, plus you get to learn reverse proxies if you use Docker on a NAS. It’s pretty fun, would recommend.
OK, I understand some of those words. I have a NAS and I want to self-host with Docker. I have read a little but it’s confusing. Do you have any links that explain the whole process? Especially the reverse proxy and making your containers available outside your LAN? Thanks
It definitely is confusing, and I didn’t fully grasp it when I did it 😅
The installation process will vary depending on your OS. I have a Synology, so I followed this walkthrough and some YouTube videos as well: https://mariushosting.com/how-to-install-bitwarden-on-your-synology-nas/ but QNAP, FreeNAS, etc. will have their own install process. They should be pretty similar, though, if you use Docker.
There are many tutorials on YouTube. I recommend SpaceinvaderOne’s tutorials. Very in-depth and easy to follow.
GNU Pass, has been the best one so far. Set up your own git to sync it to all devices.
Yes, used it for a long time. But moved to KeePassXC for easier Android and Windows compatibility.
Is pass really part of GNU?
Pardon me, pass uses GNU PGP. I got that mixed up!
Bitwarden - does everything, and is free. You can even set up a shared vault so 2 people can have access to shared stuff like online shopping and streaming sites. Takes a bit of admin work but it is not hard.
Sadly that second bit requires the other person to care enough to make an account and not just text you when they need the password 😂
Just send a photograph of your screen showing the requested password of 25 random characters so they have to type it out. Guaranteed their next question will be where they sign up for an account.
lol that’s generally what I do. Sometimes I’m nice enough to copy and paste. We don’t share a lot of accounts so it’s not a huge issue.
Personally I’m using Dashlane, I’m pretty comfortable with it and as far as I know there have been no breaches in security
Dashlane is fantastic. I was a bit hesitant about the price, but it’s so much sleeker and functional than everything else I’ve tried.