Do not change your password today. Instead, get yourself a password manager. Can be free, can be paid. Generate different random passwords for each of your accounts.

Do yourself a favor and make this one of your New Year's resolutions.

@yarmo i already don't know any of my passwords but the master one.

@yarmo i have it for some websites, but hate it nonetheless.

@yarmo another one? How many password managers does one need? :blobfoxwinkmlem:

@sheogorath @yarmo one for work and one for private, in my case, although that's actually two different accounts on one manager, Bitwarden.


Someone: "What password manager do you use?"

Me: "Yes."

The last two PWmanagers left me annoyed, because of partial dysfunctionality. Can someone plz suggest which free pwm I can trust and use without being annoyed?

@Easydor what PWmanagers did you use? Remember you generally get what you pay for.

Keepass is great as long as you handle the file syncing if you want your passwords on multiple passwords. Bitwarden is my backup PWmanager of choice. I've recently switched to pass (protected by a cryptographic key stored on a yubikey).

I think one of them was by Norton, coming in a pack with paid AV. That was the worse one.
Well, I don't understand "if you want your passwords on multiple passwords", but I'll see.
Ty, I'll give it another chance.

@yarmo absolutely! Everyone needs to be on this level. Migrating to Bitwarden has had a huge impact on my online life.

@yarmo "get locked out of *all* of your accounts instead of just one next year"

@Ricotta @yarmo but what if common password, which you use on most websites is compromised?

@Voice thanks, was about to reply the exact same thing. You're just as screwed if you use one compromised password everywhere. Except it's less likely to happen with a password manager, you should make it extra complicated and only have to memorize one long password.


@Ricotta @yarmo

Make backups
Do not use cloud-based proprietary software for critical things

@yarmo I'll add that the best password manager out there is the one you will use. , or are all good. They're even better if you'll use one of them.

This Tooter lives and dies with Keepass.

@Tay0 @yarmo I've been using for years now. I've dabbled in and but keep going back to . They're all great, so whichever one works best for you and your workflow/philosophy (i.e. Fully FOSS or accepting some non-FOSS in your life) then go for it. But, for sure use one.

My new year resolution is 2048x1152 😁

Jokes aside, I don't use a password manager, since I once lost my very first password database when I was formatting some disks, a while ago.

I have now more than a hundred passwords I think, and are not stored anywhere. I don't use a password manager, I use 'lesspass', it's a password generator.

@beta haha nice one.

- That really sucks. But that's not the error of the password manager though. One bad experience doesn't mean the concept should be avoided.

- Lesspass should be avoided though. Just as secure as a single password, just a little more complicated to guess. Once your password is brute-forced, it's all open. The only secure password is a truly random one.

is it not the same as a password manager? I mean they brute-forced your single password and it's all open.

Besides, with lesspass they have to figure out the password as you say (good luck trying to brute force my 32 length single password), but also the site, and the mail, and the length of my passwords and the special characters options, .

Are you sure you know how lesspass works?

@yarmo I am currently practicing this me and my students. Thanks for reminding us it is really useful.

@yarmo Also don't forget to regularly make local encrypted backups of your password manager database if you use a cloud one like . Just in case you lock yourself out somehow or the service goes down or your Internet dies and you need access. Better safe than sorry.

