Technology

Ah yes, KeepAss

sh.itjust.works

Forgot to mention I delete the text document and set fire to the computer's hard drive. The passwords are only ever in my ass, with the rest of my personal shit.

Bitwarden is probably a more pragmatic choice for most users, given that it's free and without having to manage the syncing yourself.

Any password manager is better than the alternative, though.

Keepass XC on PC, Keepass DX on Android, Syncthing to sync database

Works flawlessly!

Vaultwarden ftw

By storing your passwords and otp in the same place it becomes 1 factor authentification

so no more authy? BITWARDEN HAS THAT BUILT IN???? thats AWESOME

I was thinking about self hosting but I was worried it would be less secure. I don't really know a lot about setting that kind of thing up (I do have programming experience but don't have a lot of server hosting experience outside of doing it for games like Minecraft) and I feel like I'd mess it up and it would be a lot easier to get into than a hardened server. Especially cause the odds I get a virus or something is probably higher then the odds someone breaks into bitwarden's server. Idk if I'm wrong about this, would love to be corrected if I am, was just my initial thoughts when I switched over from a different password manager to bitwarden.

Go with something external, BitWarden or 1Password,

When it comes to security software, I usually recommend sticking to open-source solutions, which is why I'd recommend Bitwarden over 1Password. Their whole stack (backend, frontend, and native apps) is all open-source. A premium account is well worth the $10/year.

You can self-host their server, or self-host Vaultwarden which is an unofficial API-compatible reimplementation of the Bitwarden backend designed to be lighter weight. Note that Vaultwarden is unofficial and hasn't gone through the same security audits as Bitwarden has. It's a good piece of software though.

I use Keepass. Free, secure, great.

In a household it's probably not that bad. There aren't many people breaking into homes looking for account details.

I've had my identity stolen several times, and every single time it was stolen from a Fortune 500 company.

I just make all of my passwords password123 then I don't have to worry about memorizing them

Just add the same memorized bit to the end. Something simple like "123" would work. Even if the book is stolen it won't do them any good.

It's a primitive password manager, primitive because unencrypted and not integrated into your devices, but far better than not having a password manager.

My mom told me that she was made fun of for having a book of hand written account credentials related to running her business (6 people total). I told her it was the best way to do it that wasn't massively overcomplicated for her situation and to keep it up. The only recommendation I made is that she use different long passwords for every site since she's already not memorizing them.

Personally I'm not convinced this isn't the best way unless you're being targeted by physical bad actors

feel like "aaand it's gone" would fit better here

Something like 2/3rds of the world uses chrome for desktop. I'd bet that number is higher for windows specifically. If you're the rare person who doesn't use chrome then you're savy enough to know this doesn't apply to you

Keepass with syncthing is completely free and doesn't rely on cloud hosting