I use KeePass as my password manager. It UI isn’t the most intuitive but it’s open source and does everything I want. I don’t need to trust an external party with my passwords and by using Mega.nz I can still backup my key file.
Better than password managers, I believe, are deterministic password generators (like pwm) secured with a strong passphrase. lahwran wrote a command-line aid for coming up with actually decent and secure passphrases. You’ll want secure storage for modification details and one-off passwords, maybe a record of what sites you have accounts on, but just using a password manager doesn’t mean you’re using passwords intelligently.
From a security standpoint I’m not sure. If you use your password in public to unlock your device and the security doesn’t rely on a file or any kind of two factor authentification, a single camera is enough to lose all your passwords if you use a deterministic password generators.
while I agree and appreciate the mention, I do want to give password managers their fair representation—they’re definitely good enough on their own, and just have the annoyance and risk that you still have store something.
I use KeePass as my password manager. It UI isn’t the most intuitive but it’s open source and does everything I want. I don’t need to trust an external party with my passwords and by using Mega.nz I can still backup my key file.
Better than password managers, I believe, are deterministic password generators (like pwm) secured with a strong passphrase. lahwran wrote a command-line aid for coming up with actually decent and secure passphrases. You’ll want secure storage for modification details and one-off passwords, maybe a record of what sites you have accounts on, but just using a password manager doesn’t mean you’re using passwords intelligently.
From a security standpoint I’m not sure. If you use your password in public to unlock your device and the security doesn’t rely on a file or any kind of two factor authentification, a single camera is enough to lose all your passwords if you use a deterministic password generators.
while I agree and appreciate the mention, I do want to give password managers their fair representation—they’re definitely good enough on their own, and just have the annoyance and risk that you still have store something.