Hm i switched from KeePass to Bitwarden because the latter lets me use my passwords on multiple devices and as a Firefox extension that enters my credentials at a shortcut.
Can you elaborate why you think KeePass is better?
I found keepassium for the work phone and I was in love that I could keep a separate db with my OTPs under a password and backed up.
Then I left that job and had to split my OTPs. Vanilla keepass for droid will gives me the OTP values for gitlab etc, so it’s good there, but Vanilla keepassium for Android has no camera/QR->OTP input that I have yet, one that works like keepassium does and is all compatible down the line. I’d love to keep using it to maintain the existing separate keepass OTP db I have.
Do you (or anyone) know of a good combo for droid that gets
keepass
backup to box/gdoc/etc
qr for OTP
In one final package? Does XC do it in a way we think may be compatible?
Keepass2Android does all that on android. It natively supports Dropbox, google drive, one drive, nextcloud, pcloud, and mega, plus you can use WebDAV or sftp. When editing an entry, the totp setup has the ability to scan qr codes with the camera. Plus, the whole thing is free and open source.
They even have a package on F-Droid, though that build lacks the built-in support for cloud syncing (due to F-Droid restrictions prohibiting binaries, I think).
I’ve used this app for years on android, paired with various cloud sync options as providers change their restrictions and capabilities. On desktop, I use keepassxc.
It’s very useful if you don’t use a password manager and/or reuse passwords.
The most useful part about it to me is the API. You can tie it in to Active Directory to blacklist all hashes that appear in any breach, plus expire/force a password change if any user on your domain uses a password that has been in a breach. It completely eliminates that vector from threat actors immediately.
The most useful part about it to me is the API. You can tie it in to Active Directory
This trick alone makes my Lemmy addiction pay off. Thanks for even suggesting such magic is possible. Adding that as a task after my samba-AD rebuild this very f’n week.
https://haveibeenpwned.com
To figure out if your email addresses are part of a known breach. Also, start using a password manager (https://bitwarden.com)
A good alternative to Bitwarden is KeePass/KeepassXC btw
A good alternative to keepass is a self hosted vaultwarden btw. (compiled from bitwardens opensource code iirc)
I agree. But I think is much easier for people to use KeePass compared to self hosting Vaultwarden
Nothing can beat passwords written on paper though
Scissors can.
So I will write them on a rock, instead.
But paper beats rock
Physical access can. Indentations on the below page can. Fire and moisture can. Someone looking over your shoulder can.
Hm i switched from KeePass to Bitwarden because the latter lets me use my passwords on multiple devices and as a Firefox extension that enters my credentials at a shortcut.
Can you elaborate why you think KeePass is better?
I think it’s more flexible. Also, due to the databases just being normal files you can sync them with syncthing between your devices.
In my case I run a NAS at home on which they’re stored so I don’t need to sync them. I just open them directly from the NAS.
I do all of that with Keepass, for what it’s worth.
I found keepassium for the work phone and I was in love that I could keep a separate db with my OTPs under a password and backed up.
Then I left that job and had to split my OTPs. Vanilla keepass for droid will gives me the OTP values for gitlab etc, so it’s good there, but Vanilla keepassium for Android has no camera/QR->OTP input that I have yet, one that works like keepassium does and is all compatible down the line. I’d love to keep using it to maintain the existing separate keepass OTP db I have.
Do you (or anyone) know of a good combo for droid that gets
In one final package? Does XC do it in a way we think may be compatible?
Keepass2Android does all that on android. It natively supports Dropbox, google drive, one drive, nextcloud, pcloud, and mega, plus you can use WebDAV or sftp. When editing an entry, the totp setup has the ability to scan qr codes with the camera. Plus, the whole thing is free and open source.
They even have a package on F-Droid, though that build lacks the built-in support for cloud syncing (due to F-Droid restrictions prohibiting binaries, I think).
I’ve used this app for years on android, paired with various cloud sync options as providers change their restrictions and capabilities. On desktop, I use keepassxc.
Is this really that useful though?
I pretty much just assume that I’m getting pwned regularly.
Obviously the password manager advice is very useful.
It’s very useful if you don’t use a password manager and/or reuse passwords.
The most useful part about it to me is the API. You can tie it in to Active Directory to blacklist all hashes that appear in any breach, plus expire/force a password change if any user on your domain uses a password that has been in a breach. It completely eliminates that vector from threat actors immediately.
So yeah, I would call this intensely useful.
This trick alone makes my Lemmy addiction pay off. Thanks for even suggesting such magic is possible. Adding that as a task after my samba-AD rebuild this very f’n week.
👍
Similar site for figure it out you’re trained for AI model:
https://haveibeentrained.com/