Post A0AzLNsoY4bdqs1CqW by cosmicnomad@fosstodon.org
(DIR) More posts by cosmicnomad@fosstodon.org
(DIR) Post #A0Ap2XzjjLlMAWdSfQ by kzimmermann@fosstodon.org
2020-10-15T03:41:44Z
0 likes, 0 repeats
Creating strong passwords should not have to be hard - at all! Here's an easy one-liner:openssl rand 32 | base64Make sure you store it somewhere safe so you don't forget, i.e. use a password manager.#security #password
(DIR) Post #A0AueXR0lE4FCsKO2a by tychi@fosstodon.org
2020-10-15T04:44:38Z
0 likes, 0 repeats
@kzimmermann what's a simple password manager to get started with? I was thinking pass but idk enough to make an informed decision at this stage.
(DIR) Post #A0Axwg0juecWseNcp6 by Citizenzibb@fosstodon.org
2020-10-15T04:48:42Z
0 likes, 0 repeats
@tychi @kzimmermann keypass looks pretty simple and I think it's open source
(DIR) Post #A0AxwgAfJkYnNR1YIK by tychi@fosstodon.org
2020-10-15T05:00:23Z
0 likes, 0 repeats
@Citizenzibb @kzimmermann looks like, if it's the same, I think it's keepass2 on Debian?
(DIR) Post #A0AxwgQcMRJwAuUI9w by kzimmermann@fosstodon.org
2020-10-15T05:21:26Z
0 likes, 0 repeats
@tychi @Citizenzibb I use keepassx, I think it's more up-to-date in terms of development compared to the classical keepass.They also have kp-cli for the terminal, but you need to have some sort of graphical clipboard utility (xsel, etc) to use it.
(DIR) Post #A0AyGx2IK7kfTTm7GK by kzimmermann@fosstodon.org
2020-10-15T05:25:11Z
0 likes, 0 repeats
@tychi @Citizenzibb the simplest implementation of a password I can think of is encrypting your passwords with your PGP key. Your "master key" is the same password as your PGP private key, and you can paste the "database" anywhere as plain ASCII.I think that's what `pass` does, and also was my basis for this: https://notabug.org/kzimmermann/quickpass
(DIR) Post #A0AzLNsoY4bdqs1CqW by cosmicnomad@fosstodon.org
2020-10-15T05:37:09Z
0 likes, 0 repeats
@kzimmermann Learn something new everyday! I typically use Lastpass to store my passwords as it's cross-platform so it just makes it easy to use where ever I am and no matter what I'm on but I like the idea of generating passwords myself. Adds more peace of mind that it's completely random and not something fed from software that I don't have access to. I appreciate the tip! Sidenote, what are some other good foss or secure password managers that you know of?
(DIR) Post #A0AzjloVE9Yr1Ld72m by kzimmermann@fosstodon.org
2020-10-15T05:41:38Z
0 likes, 0 repeats
@cosmicnomad glad you liked the tip!My favorite is #keepassx - a fork of the original KeePass that seems to be more maintained than the former. Super easy to use, can be unlocked either by master password or key file, and cross-platform. I think there's even a static HTML version that is implemented in client-side Javascript.
(DIR) Post #A0AzwL2c4siTkhDsgq by kzimmermann@fosstodon.org
2020-10-15T05:43:55Z
0 likes, 0 repeats
@cosmicnomad also, in case you're not on a Unix system and need some good, really random passwords, this Service by Random.org seems to be alright:https://www.random.org/passwords/?num=5&len=23&format=plain&rnd=new
(DIR) Post #A0B06gYgvoFNNoA3BQ by cosmicnomad@fosstodon.org
2020-10-15T05:45:47Z
0 likes, 0 repeats
@kzimmermann Amazing! I will check it out and probably start using it. I love Lastpass but it's always a good idea to have them backed up someplace and a second password vault doesn't sound like a bad idea lol. I really do appreciate the reply and recommendation! Cheers!
(DIR) Post #A0B17eCLIE3gJ1jKMK by tychi@fosstodon.org
2020-10-15T05:57:06Z
0 likes, 0 repeats
@kzimmermann @Citizenzibb I've always been confused about pgp vs gpg and haven't really used either because idk which one is better 😅
(DIR) Post #A0B1X0a7D184xywVf6 by kzimmermann@fosstodon.org
2020-10-15T06:01:42Z
1 likes, 0 repeats
@tychi @Citizenzibb ah, I used to have this same confusion before! 😁 PGP is the encryption technology and standard that Phil Zimmermann developed in the 90s.GPG is short for GnuPG, the GNU Project's implementation of the PGP standard, and the name of the actual program you use in a Linux system.Since the keys used here are part of the PGP standard, we call them PGP keys, not GPG keys.So, you always both PGP and GPG... just in different ways. Hope this helps clear things out!
(DIR) Post #A0B1xxC7uRosHTZRlQ by tychi@fosstodon.org
2020-10-15T06:06:33Z
0 likes, 0 repeats
@kzimmermann @Citizenzibb wait, so I'm either not confused anymore or I'm more confused. Let's give this statement a whirl:Not all PGP keys are GPG keys, but all GPG keys are PGP keys.But we'd never call it that and we'd just say PGP keys?
(DIR) Post #A0B2EOqmqyoegfQo76 by kzimmermann@fosstodon.org
2020-10-15T06:09:35Z
0 likes, 0 repeats
@tychi @Citizenzibb PGP keys == GPG keys (they're the same standard)I guess it's just that everyone calls them PGP keys
(DIR) Post #A0B2kPibA6iae5rnRA by tychi@fosstodon.org
2020-10-15T06:15:21Z
0 likes, 0 repeats
@kzimmermann @Citizenzibb thanks for clearing that up for me :)
(DIR) Post #A0ELlbEiIyTdGF2yjA by KinoKlaus@mas.to
2020-10-16T20:32:32Z
0 likes, 0 repeats
@kzimmermann I like making passwords, I usually take a long word from the dictionary or a phrase and rewrite it with numbers and symbols