@algernon yeah, the Logmein take over concerned me also when it happened. Fell off the radar in the end though.

@kev 'tis not just the LogMeIn takeover (there are at least some very good people there), it was a mess before that too, which the LogMeIn audit just highlighted. Sadly the audit results never made it out the LogMeIn door :|

@algernon I'm sure it didn't if it was a damming.

@lx @nextcloud never heard of it, I'll check it out, thanks.

@kev @nextcloud I also never heard of them until recently, but it seems like they have a good offer with lots of apps and addons.

@kev @nextcloud There is also an addon for nextcloud that you can use in your browser, but I don't think there is an app for it.

@nextcloud @kev * this one: https://github.com/nextcloud/passman

@lx @nextcloud yeah, there is. I've played around with Passman. There is actually a beta app in the play store for it also.

I do like Passman, but it seems to be lacking in other features of Lastpass that I use, like form fills. I could live without that though...

@kev @lx maybe open an issue about it in their tracker or donate towards their development. :) Passman developers integrate pretty well with Nextcloud so they are absolutely worth supporting. :)

@nextcloud @lx yeah, maybe a donation is in order...

@BarefootWarrior I use Firefox sync.

@kev that means that my Brave, Vivaldy, Google Chrome and Chromium will miss out? I definitely favour to view some sites on a specific browser. ZerNet MUST go on Chromium for example or I can't read the thing and don't see the buttons.

@kev ZerNet = ZeroNet of course.

@BarefootWarrior @kev
I use keepass, and syncthing to share the data file between devices.
Never used online password service.

@ignitionigel @kev Thanks Nigel, sounds like Keepass may be the way to go. I'll look into that seriously. In the process of installing syncthing too. On Ubuntu Budgie 17,10 FYI

@BarefootWarrior @kev
As far as being slick, you can get browser integration for Keepass with plugins, but I haven't bothered. I'm somewhat browser agnostic, changing as needed because of issues or whatever.
I just go to login page of the site, highlight the user field, alt-tab to (or start) keepass, highlight the entry I need, and Ctrl-V to have it auto type into the site for me. It's fairly painless I think, especially for having no plugins or anything to compromise security.

@ignitionigel @kev That would perfectly fit my current usage pattern anyway Nigel. I never allow LastPass to log me in automatically. So all I need to do is a small change in process with no extra steps required. Such would fit my browser use habits too. Better actually as I won't need to login to LP on each browser instance.

Now I need to find a way to export my 100's of LastPass records to a Keepass readable format.

@BarefootWarrior @ignitionigel you can export to a csv in Lastpass, however, I think you can only import on the windows version for some reason.

@kev @ignitionigel @33Nicolas Exported CSV from LastPass, went to import in Keepass2 and chose from the long list of supported file formats. Lastpass was in the list.

All done but I noticed that the password field in keepass is not long enough for a PGP key I wanted to hide.

Oh yeah, don't paste the whole CSV file into a new record password prompt. Major lock-up. The only way out was to kill the process. Had to start all over, of course 😞

Thanks everyone for your advice and encouragement.

@BarefootWarrior @kev @ignitionigel @33Nicolas use bitwarden

@animeirl @kev @ignitionigel @33Nicolas
BitWareden uses a remotely hosted database and development is sponsored by Micro$oft whatever that may mean.

The whole idea here was to get off of the web and maintain full local control.

But thanks for the suggestion.

@BarefootWarrior @33Nicolas @ignitionigel @animeirl I don't think Bitwarden is sponsored by MS, not that I've read at least? Their infrastructure is managed by them, which means they pay MS to look after all their servers. I assume it's Azure.

Many sites use Azure, I don't see that as a problem personally. What worries me more, is that I can't find any evidence of them going through security auditing.

@kev @animeirl @ignitionigel @33Nicolas
FWIIW from the horse's mouth Kev on Reddit: "xxkylexx[S] 5 points 11 months ago
Hi there. Sorry I missed this comment. bitwarden is currently sponsored by the Microsoft BizSpark program which covers many of our operation costs and allows us to offer services for free to our users. We are working on our monetization strategy which will introduce additional premium features in the future. For now though, everything is free for users."

@BarefootWarrior @kev @ignitionigel @33Nicolas I can understand the appeal of hosting your own data, I guess my own perspective is that anything sent through the wire is kept and logged somewhere so as long as my data is encrypted its all basically the same

@animeirl @kev @ignitionigel @33Nicolas

Not quite the same Animeiri,, while your data may be encrypted, I understand #LastPass for example logs all the URLs you log into and even offers a 'searchengine' from the data collected from all users (for your convenience of course).

It appears to me they have build up a significant profile on me over the years I have used LastPass. I wonder how many other corporates are paying LastPass for that data.

@33Nicolas @ignitionigel @kev @animeirl
And don't forget all the Bookmarks, Search history and open tab info collected by their sister company #XMarks. Their profile data is possibly even more valuable than Google's

@BarefootWarrior @33Nicolas @ignitionigel @animeirl interesting, I don't recall seeing that on their site. I wonder if it's still true?

@kev @ignitionigel Should have mentioned earlier that I chose to install the version of Keepass2 that runs under Mono (on Ubuntu Budgie 17.10).

So this may effectively be the Win version (2.37). The only drawback, so far, is that Mono does not follow set system fonts and sizes. Some of the dialogs are so small I have to get a magnifying glass out to be able to read them. Keepass2 does allow you to choose another font size for lists and passwords, so the problem is only minor.

So far so good.

@BarefootWarrior @ignitionigel see, messing around with magnification and fonts is exactly what I don't want. If something doesn't work right out of the box, I'm not interested in tinkering to make it work. I'm too busy for all that.

@kev @ignitionigel Very likely because I have had to increase system font sizes (and browser zoom) to cater for my challenged eye sight. The default Keepass2 dialogs may be just fine on a standard install.

Under some circumstances you will have to mess around with 'it' to be able to use it at all Kev.

@BarefootWarrior @kev
Can try KeepassX, which is a fork I believe.
Uses same database, so it's easy to install and try with existing db.

@ignitionigel @kev
Got them both installed now Keepass2 and KeepassX. Thanks Nigel.

I rejected X at first because that version seems lo lag way behind 2

I am glad I installed 2 first because it allowed me to easily import my Lastpass CSV records but I think I will be using X from day to day (both on the same database) as it seems better integrated in Ubuntu (Using QT)

I think we may have covered this subject now 😞

@BarefootWarrior @ignitionigel 😂😂😂 I think you're probably right.

@BarefootWarrior @ignitionigel yeah, it's that kind of thing that really frustrates me about some open source projects - they're just badly implemented, or not thought out.

@BarefootWarrior Just FYI, ZeroNet works fine on Firefox Developer Edition :)

@dajbelshaw
I'll take the plunge with developer tomorrow. Thanks for the tip.

Apart from very transparent pastel coloured options (like edit) I have been able to use it to my satisfaction on Chromium.

I will let you know.

@dajbelshaw

Now running... Thought I might as well be bold. So far so good.

https://fosstodon.org/media/kDyUTUmjwjF5mrn_OL8

@dajbelshaw @nextcloud I've looked in to lesspass before, but have some reservations about all my passwords being intrinsically linked to my master pass.

@kev @nextcloud Aye, but you can have multiple 'master' passwords ;)