Post A42FP6HDo52fThJ7sO by louiscouture@qoto.org
(DIR) More posts by louiscouture@qoto.org
(DIR) Post #A3dOT0Z3Pz8utIt1xg by calculsoberic@mstdn.social
2021-01-26T16:07:16Z
0 likes, 1 repeats
In the same vein as the last survey, which password manager do you use, if any?
(DIR) Post #A3dOWtZlLLuKNI4V1c by calculsoberic@mstdn.social
2021-01-26T16:07:58Z
0 likes, 0 repeats
I use KeePass, Bitwarden and occasionally pass (the unix password manager).
(DIR) Post #A3dOpV1cqWHtjayX20 by aspie4K@aspiechattr.me
2021-01-26T16:11:18Z
0 likes, 1 repeats
@calculsoberic ohh now this is an interesting one because I've been looking for a FOSS password manager that'll run on macOS not only Linux, it seems to be slim pickings out there. Doesn't even need to do fancy cloud syncing just literally be a secure place to generate and store passwords.
(DIR) Post #A3dOwUtpiBvhN6fR8i by calculsoberic@mstdn.social
2021-01-26T16:12:35Z
0 likes, 0 repeats
@aspie4K I suppose you can just generate passwords on the terminal! š date +%s | sha256sum | base64 | head -c 32 ; echo
(DIR) Post #A3dP67oqNZfKgVvNkO by aspie4K@aspiechattr.me
2021-01-26T16:14:12Z
0 likes, 0 repeats
@calculsoberic I use a homemade solution already but this is mostly for a non-techie relative who keeps asking about it so it needs to have an easy to use GUI.
(DIR) Post #A3dP9ghN9e0HjL82Hg by calculsoberic@mstdn.social
2021-01-26T16:14:59Z
0 likes, 0 repeats
@aspie4K oh, well that's different! if it's for yourself, I'd say use the terminal, but it sounds like your relative needs something simple.
(DIR) Post #A3dPG9YilULmydAHyK by abloo@fedi.absturztau.be
2021-01-26T16:16:10.140132Z
0 likes, 0 repeats
@calculsoberic keepassxc
(DIR) Post #A3dPGaBblWuBYlYiC8 by aspie4K@aspiechattr.me
2021-01-26T16:16:12Z
0 likes, 0 repeats
@calculsoberic yeah it just needs to be easy to use but secure i.e. not something closed source that puts all your passwords on its servers somewhere, you'd think this would be a simple enough ask but it's been very hard to find one!
(DIR) Post #A3dPKDZplgyUb3cjh2 by calculsoberic@mstdn.social
2021-01-26T16:16:51Z
1 likes, 0 repeats
@abloo Ah yes, actually it's that one I use not the original
(DIR) Post #A3dPUQuH40RUpl3Uw4 by siina@fedi.cybre.city
2021-01-26T16:18:44.687153Z
0 likes, 0 repeats
@abloo @calculsoberic also keepassxc
(DIR) Post #A3dPWAhaHcSn9fwt9M by tharpa@mastodon.online
2021-01-26T16:19:02Z
0 likes, 1 repeats
@calculsoberic I use Password Gorilla on Linux and KeePass on Windows. I also make sure to back up my safes. Wouldn't want to be like that guy who lost $100 M in bitcoin because he forgot his password.
(DIR) Post #A3dPZ1ku0DHuHDrXOa by calculsoberic@mstdn.social
2021-01-26T16:19:32Z
0 likes, 0 repeats
@tharpa I heard about that guy!!
(DIR) Post #A3dQApNCUJ5msUnhse by make@pl.prvcy.eu
2021-01-26T16:26:04.355408Z
0 likes, 1 repeats
@calculsoberic bitwardenrs
(DIR) Post #A3dQZuQ8rIOnlv8Vqy by MacKing@social.anoxinon.de
2021-01-26T16:30:53Z
0 likes, 0 repeats
@calculsoberic Enpass
(DIR) Post #A3dQoRqXNZs5UhPoaO by mur2501@qoto.org
2021-01-26T16:33:32Z
0 likes, 0 repeats
@calculsoberic You forgot the 'none' option for the people using no password managers
(DIR) Post #A3dQqklW0fp2kXAK6y by calculsoberic@mstdn.social
2021-01-26T16:33:57Z
0 likes, 0 repeats
@mur2501 Well that would be under "another," I suppose. š
(DIR) Post #A3dRBhb8ysMx0XIsnA by mur2501@qoto.org
2021-01-26T16:37:44Z
0 likes, 0 repeats
@calculsoberic Another doesn't really makes it clear that the person doesn't uses one or uses something else, in surveys this kinda data is important to note :ablobcatangel:
(DIR) Post #A3dRH8Q8gOo1dzkLvU by calculsoberic@mstdn.social
2021-01-26T16:38:44Z
0 likes, 0 repeats
@mur2501 @ThorOfAsgard
(DIR) Post #A3dROZs51K4eo9Mfyq by calculsoberic@mstdn.social
2021-01-26T16:40:04Z
0 likes, 0 repeats
@mur2501 Well, that's a limitation of Mastodon surveys...
(DIR) Post #A3dRWChT3PdLGD2Nbk by mur2501@qoto.org
2021-01-26T16:41:26Z
0 likes, 0 repeats
@calculsoberic We shall make a new survey system :ablobcatwink:
(DIR) Post #A3dRaBgyk90PIDhydc by calculsoberic@mstdn.social
2021-01-26T16:42:06Z
0 likes, 0 repeats
@mur2501 Good idea! On nerd.town I think there's some more flexibility
(DIR) Post #A3dRcoUXSWuGCq8qNU by floof-rocks@fedi.absturztau.be
2021-01-26T16:42:19.282606Z
0 likes, 0 repeats
@calculsoberic pass
(DIR) Post #A3dRcovpp2jzZUudvM by calculsoberic@mstdn.social
2021-01-26T16:42:38Z
0 likes, 0 repeats
@floof-rocks w00t, pass!!!
(DIR) Post #A3dRiezZgspITvRk0m by mur2501@qoto.org
2021-01-26T16:43:37Z
0 likes, 0 repeats
@calculsoberic Do you interest in Censuses, surveying, map making, etc??
(DIR) Post #A3dRkt2sPbSse83KJk by calculsoberic@mstdn.social
2021-01-26T16:44:06Z
0 likes, 0 repeats
@mur2501 Sure, among my billion hobbies
(DIR) Post #A3dSD9NLI4qLOx6PSK by mur2501@qoto.org
2021-01-26T16:49:11Z
0 likes, 0 repeats
@calculsoberic I love it :ablobblewobble:India having census this year :ablobcatangel:Probably we beat China in population now :ablobblastoff:
(DIR) Post #A3dSPqrhQHkPl0MGXI by calculsoberic@mstdn.social
2021-01-26T16:51:30Z
0 likes, 0 repeats
@mur2501 I'm really curious if that's true!
(DIR) Post #A3dTChuFWKZAA3qZXc by mur2501@qoto.org
2021-01-26T17:00:08Z
0 likes, 0 repeats
@calculsoberic But it takes time to census 1.3 billion people :ablobblewobble:So we have to wait :ablobcatbongo:
(DIR) Post #A3dYM3aglbjVn8yWyu by Kshysio@mstdn.social
2021-01-26T17:47:58Z
0 likes, 0 repeats
@aspie4K @calculsoberic You can make a shell script and launch it from file manager if you like.
(DIR) Post #A3dYM3ynJz10zuFmYS by calculsoberic@mstdn.social
2021-01-26T17:58:01Z
0 likes, 0 repeats
@Kshysio Excellent idea. I'm still learning a lot of that and Linux in general! :ed_grin: @aspie4K
(DIR) Post #A3dYmunhYYSKLervvM by aspie4K@aspiechattr.me
2021-01-26T18:02:16Z
0 likes, 1 repeats
@Kshysio @calculsoberic I could but it still wouldn't have any kind of real GUI. And how would I store the passwords in a way that is secure and easy for a normie to navigate? That's my top concern. Really surprised no project for this exists already. I might brush up on my JS and CSS, knock up a web GUI in React, and have it run shell scripts and store them in an encrypted folder, managed with Python or... something. But like how does this not already exist???
(DIR) Post #A3dZJpZ42qTRfIiYyG by calculsoberic@mstdn.social
2021-01-26T18:08:50Z
0 likes, 0 repeats
@aspie4K Right, the command line version might work for you and I, but for someone like our grandparents, definitely not. You have to find a middle ground between security and usability, which is difficult. @Kshysio
(DIR) Post #A3dZX75SCyOXm5CYDY by calculsoberic@mstdn.social
2021-01-26T18:11:15Z
0 likes, 0 repeats
bwahahaha no one uses LastPass
(DIR) Post #A3dZcKbXNUyn97hEZM by irl@hackers.town
2021-01-26T18:12:10Z
0 likes, 0 repeats
@calculsoberic https://www.passwordstore.org/ but getting more and more fed up with gpg
(DIR) Post #A3dZiUdsyDps11jVGS by calculsoberic@mstdn.social
2021-01-26T18:13:19Z
0 likes, 0 repeats
@irl Omg me too!!! Had that problem with the Tor Browser where it wouldn't verify the GPG key because supposedly they didn't "match," even though it was the real Tor browser.
(DIR) Post #A3da2C0Ry6Nk0agGS8 by irl@hackers.town
2021-01-26T18:15:03Z
0 likes, 0 repeats
@calculsoberic my most recent problem is that my "backup" GPG key that i encrypt my passwords to expired, and i couldn't generate a new password because gpg refused to encrypt to an expired subkey.problem is that i don't know of anything that is actually better.
(DIR) Post #A3da2COYWTfFDLxW1g by calculsoberic@mstdn.social
2021-01-26T18:16:51Z
0 likes, 0 repeats
@irl Hmm, I wish I knew of a better option. So you can't generate a new key? I had done that recently.
(DIR) Post #A3daHe95d4WHco5gvI by kuoriv@mstdn.social
2021-01-26T18:19:39Z
0 likes, 0 repeats
@calculsoberic sorry to be a noob, but does the default Mozilla password manager work or should I dump it for KeePass?
(DIR) Post #A3daTAmSdKG81g0DQ0 by calculsoberic@mstdn.social
2021-01-26T18:21:44Z
0 likes, 0 repeats
@kuoriv It's OK, no worries! The problem with some browser-based password managers is that people can "steal" the cookies from the browser and thereby have access to your passwords (at least this is true of Chrome). I would consider KeePass more secure. With that, you can store the passwords offline. It may take a little while to learn it is all.
(DIR) Post #A3daxfJRgFeHPHyFEG by kuoriv@mstdn.social
2021-01-26T18:27:15Z
0 likes, 0 repeats
@calculsoberic excellent. Thanks for explaining.
(DIR) Post #A3db0EUxpcKz73aBl2 by calculsoberic@mstdn.social
2021-01-26T18:27:43Z
0 likes, 0 repeats
@kuoriv Also, Bitwarden (and maybe KeePass does this too) auto logs you out every so often so that some random person won't just come by and have access to all your passwords! But you have to remember your master password.
(DIR) Post #A3db2f14D58zw3kwca by calculsoberic@mstdn.social
2021-01-26T18:28:10Z
0 likes, 0 repeats
@kuoriv My pleasure! This is my passion šØ
(DIR) Post #A3db2mCfULaEE4EoAy by Kshysio@mstdn.social
2021-01-26T18:28:10Z
0 likes, 0 repeats
@calculsoberic @aspie4K After searching on github i found some simple password manager. I don't know if it meets your requirements, but I recommend looking for such projects on github/gitlab. https://github.com/FalkAlexander/PasswordSafe
(DIR) Post #A3db6wIbtVdShD0CG0 by calculsoberic@mstdn.social
2021-01-26T18:28:53Z
0 likes, 0 repeats
@Kshysio I'll take a look at this! They may all seem to be the same but they're very different under the hood. @aspie4K
(DIR) Post #A3dbMxnS5vKTyQ4Lh2 by agoodlook@mstdn.social
2021-01-26T18:31:50Z
0 likes, 0 repeats
@calculsoberic NordPass.Not sure if it's quality or not tho.
(DIR) Post #A3dbsH26clMKbwqxVo by calculsoberic@mstdn.social
2021-01-26T18:37:29Z
0 likes, 0 repeats
@agoodlook I've heard about it, but I'm not sure one way or the other. Really, what it comes down to is the type of encryption. Many of the managers use AES-256, and NordPass uses XChaCha20. https://crypto.stackexchange.com/questions/34455/whats-the-appeal-of-using-chacha20-instead-of-aes
(DIR) Post #A3dbsuYNghLjBLFmjY by Scout@todon.nl
2021-01-26T18:37:34Z
0 likes, 0 repeats
@calculsoberic do you know if bitwarden has this weakness in firefox?
(DIR) Post #A3dbzCy48Xcs1wGnui by calculsoberic@mstdn.social
2021-01-26T18:38:45Z
0 likes, 0 repeats
@Scout I don't think so, because you aren't storing it in the browser itself, but I'd need to double check that. Good question!
(DIR) Post #A3dc5NY5i3Q8aI3y6K by Scout@todon.nl
2021-01-26T18:39:50Z
0 likes, 0 repeats
@calculsoberic that's what I was thinking. I find bitwarden really dang convenient so I'd like to not have to switch password managers again
(DIR) Post #A3dcAmsCytZ0Zh3GT2 by calculsoberic@mstdn.social
2021-01-26T18:40:49Z
0 likes, 0 repeats
@Scout So do I! I think you're OK with Bitwarden, it was more if you store them in the browser's built in manager. Do you generate your passwords on Bitwarden too? I either do that or use Diceware.
(DIR) Post #A3dcJFeBstIS8FWz0S by calculsoberic@mstdn.social
2021-01-26T18:42:22Z
0 likes, 0 repeats
@Scout Ironically, the main problem I have since getting doxed and all is sites telling me my passwords are too long! :bloblaugh:
(DIR) Post #A3dco7LEoZOxLjNsC8 by Scout@todon.nl
2021-01-26T18:47:56Z
0 likes, 1 repeats
@calculsoberic yeah I generate in bitwarden usually and i change em pretty frequently and I find bitwarden is really streamlined in that whole experience compared to other managers I've used
(DIR) Post #A3dd4GiDk5Yv2sprUW by majo@metalhead.club
2021-01-26T18:50:51Z
0 likes, 0 repeats
@calculsoberic Iām using Enpass.
(DIR) Post #A3ddDaDMbQJi8YqNdo by calculsoberic@mstdn.social
2021-01-26T18:52:32Z
0 likes, 0 repeats
@majo Haven't heard of that one until now!
(DIR) Post #A3ddHVrqhs5VoUedyy by calculsoberic@mstdn.social
2021-01-26T18:53:15Z
0 likes, 0 repeats
@Scout I really should do a more extensive comparison - I think it would be fun (yeah, this stuff is fun for me!) :flan_laugh:
(DIR) Post #A3dk4FbqXf8FIvnCgS by irl@hackers.town
2021-01-26T20:09:16Z
0 likes, 0 repeats
@calculsoberic I just need to update the expiry on the public key but it's a hassle because I keep the backup key offline in a Tails USB stick.
(DIR) Post #A3dk968rAZn9OBXnmq by calculsoberic@mstdn.social
2021-01-26T20:10:10Z
0 likes, 0 repeats
@irl Heh, yeah a lot of security stuff can be a hassle, can't it? I think it's worth it though.
(DIR) Post #A3dkF4sMn02jCTgN5k by irl@hackers.town
2021-01-26T20:11:14Z
0 likes, 0 repeats
@calculsoberic There are definitely places where you can do trade-offs to make some thing more convenient, leaving enough brain budget left to make other things more secure. I might be doing a work project on this soon which I'll be able to turn into a blog post series perhaps.
(DIR) Post #A3dkdoCZv65mj5vevg by calculsoberic@mstdn.social
2021-01-26T20:15:43Z
0 likes, 0 repeats
@irl I'd love to read that! Maybe I ought to stop by hacktown soon too...
(DIR) Post #A3dzzkebI59tPCxPdY by agoodlook@mstdn.social
2021-01-26T23:07:46Z
0 likes, 0 repeats
@calculsoberic Thanks for the link. It's good to know.
(DIR) Post #A3e02TqUEw5E90on7w by calculsoberic@mstdn.social
2021-01-26T23:08:16Z
0 likes, 0 repeats
@agoodlook You're welcome!
(DIR) Post #A3e92TLUztdMBKOXxI by 0PT41N@fosstodon.org
2021-01-27T00:49:05Z
0 likes, 0 repeats
@calculsoberic Same I use KeePass and have my passwords localy (because I don't trust cloud that much) But I also have Bitwarden in case i loose the Original password file from my server. I am trying to get Nextcloud :nextcloud: working so that I can host my own cloud so I don't have to use remote servers :smart:
(DIR) Post #A3eAUSsMRDrempg4Ei by manarock@shitposter.club
2021-01-27T01:05:24.326357Z
0 likes, 0 repeats
@calculsoberic I just use one password for everything like a pro š
(DIR) Post #A3eBlNDQprSa6p9yG8 by kiri@fosstodon.org
2021-01-27T01:19:37Z
0 likes, 0 repeats
@calculsoberic Personally I prefer gopass
(DIR) Post #A3eCkIzZ9ZBqfrjFAG by justin@ser.endipito.us
2021-01-27T01:30:37Z
0 likes, 0 repeats
@calculsoberic 1Password
(DIR) Post #A3eIvssQfqKUsbILoG by adam@social.librem.one
2021-01-27T02:39:59Z
0 likes, 0 repeats
@aspie4K @calculsoberic What's wrong with Keepass? The reason I switched to that is because there are tons of client programs available for every platform imaginable.
(DIR) Post #A3fLmv5rYb9KAWxIoq by ranx@mastodon.social
2021-01-27T14:46:40Z
0 likes, 1 repeats
@calculsoberic Pen and paper
(DIR) Post #A3fLugVhf2cZFxkENM by calculsoberic@mstdn.social
2021-01-27T14:48:05Z
0 likes, 0 repeats
@ranx I used to do that until someone found my written down passwords! I've started trying to make them complicated enough that only I can understand them, even if someone were to see it written down.
(DIR) Post #A3fMt7zibY23s7bbsG by ranx@mastodon.social
2021-01-27T14:59:00Z
0 likes, 0 repeats
@calculsoberic haha... I never wrote them down before because I relied on my brain, but I'm getting older and I have several accounts and a different passw for each one of them (of course). luckily I'm the only one accessing my room, also I wrote them so small that intruders should use an electron microscope to understand what's written on the paper, assuming they understand my handwriting š
(DIR) Post #A3fN1Y9hDsB1KEHwtk by calculsoberic@mstdn.social
2021-01-27T15:00:32Z
0 likes, 0 repeats
@ranx well, you know yourself better than anyone! If you're sure that no one else has access to your room, then that's what works best for you. I have way too many accounts and a different password for each, so I don't think I could remember them all.
(DIR) Post #A3ft515LJee2S2wuFk by zem@conesphere.social
2021-01-27T20:59:14Z
0 likes, 0 repeats
@calculsoberic password-store
(DIR) Post #A423kCdW9rcJpj243M by louiscouture@qoto.org
2021-02-07T13:43:07Z
0 likes, 0 repeats
@calculsoberic @stux just the one in safari
(DIR) Post #A42BJg7NEnMx5DrP9c by calculsoberic@mstdn.social
2021-02-07T15:08:00Z
0 likes, 0 repeats
@louiscouture Never used that one, but I assume it's pretty good. I'm working on doing a more detailed article about this.@stux
(DIR) Post #A42FEr49VOHXPHJDqS by louiscouture@qoto.org
2021-02-07T15:51:56Z
0 likes, 0 repeats
@calculsoberic @stux it really is if you are deep in the apple ecosystem like me, because it integrates on your phone and tablet, with faceId and touchID and in apps.
(DIR) Post #A42FMmCzRu5wesDiHw by calculsoberic@mstdn.social
2021-02-07T15:53:22Z
0 likes, 0 repeats
@louiscouture That makes sense. I have touch ID and face ID on my phone too, although it's an Android.
(DIR) Post #A42FP6HDo52fThJ7sO by louiscouture@qoto.org
2021-02-07T15:53:48Z
0 likes, 0 repeats
@calculsoberic @stux but like the same tech, or an android equivalent?
(DIR) Post #A42FTp9Cv7j7ngoMYy by calculsoberic@mstdn.social
2021-02-07T15:54:40Z
0 likes, 0 repeats
@louiscouture an android equivalent. Probably doesn't work the same way. Do you have a reference?
(DIR) Post #A42FpNCxTmYTWCqDtQ by louiscouture@qoto.org
2021-02-07T15:58:33Z
0 likes, 0 repeats
@calculsoberic I'm considering Face ID as the technology owned by Apple that works on apple devices. Android and Linux phone can make biometric authentification technology through face or fingerprint that is almost as good as apple's or as or better, but it can't be "FaceID" and will not work with safari as safari is not available on android.
(DIR) Post #A42FvLNNCgjXZeYlUm by calculsoberic@mstdn.social
2021-02-07T15:59:38Z
0 likes, 0 repeats
@louiscouture Well, I haven't used the Apple version. My wife has all Mac products, so she's probably using the same one.
(DIR) Post #A42G51t0WMY01VyV6W by louiscouture@qoto.org
2021-02-07T16:01:23Z
0 likes, 0 repeats
@calculsoberic yeah, but does she use chrome or safari?
(DIR) Post #A42GAsCLSD6riJo3VI by calculsoberic@mstdn.social
2021-02-07T16:02:26Z
0 likes, 0 repeats
@louiscouture Chrome, Firefox, or Safari.
(DIR) Post #A42GGvqMoSwSl2PoRs by louiscouture@qoto.org
2021-02-07T16:03:32Z
0 likes, 0 repeats
@calculsoberic but like, where does she register for stuff?
(DIR) Post #A42GJMkDlckOlhhXKi by calculsoberic@mstdn.social
2021-02-07T16:03:58Z
0 likes, 0 repeats
@louiscouture I'm not sure what you mean.
(DIR) Post #A42GYPY5cgPpoGCWSO by louiscouture@qoto.org
2021-02-07T16:06:41Z
0 likes, 0 repeats
@calculsoberic when you sign up for stuff? Cause if she uses safari, then safari will suggest passwords, and auto complete all of her infos in forms, and these password will be stored in the app for password, and whenever she connects to a website, it will suggest to write her username and her password.
(DIR) Post #A42GbN6TAheT5sh3x2 by calculsoberic@mstdn.social
2021-02-07T16:07:14Z
0 likes, 0 repeats
@louiscouture Oh, I see. She has a password manager for that.
(DIR) Post #A42GjDYyWfE5p1lgrA by louiscouture@qoto.org
2021-02-07T16:08:37Z
0 likes, 0 repeats
@calculsoberic ok so if she has a dedicated password manager, then she probably don't use the apple built in. It's understandable if you use many browsers equally.
(DIR) Post #A42HFUMPbp8VBWHPaC by louiscouture@qoto.org
2021-02-07T16:11:25Z
0 likes, 0 repeats
@calculsoberic I for one mainly use safari, so I'm using the built in. My only use for chrome based browsers are the use of Progressive web apps and developpment purposes, so I only have some main accounts like google or facebook or websites I want to be using in that browser
(DIR) Post #A42HFUlE7YzAQTtEGG by calculsoberic@mstdn.social
2021-02-07T16:14:29Z
0 likes, 0 repeats
@louiscouture I mostly use Firefox, but like you it depends on the purpose I'm using it for. I use Tor when I'm writing about things related to Tor, for example.