• just another dev@lemmy.my-box.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    I guess now is as good a time as any for them to start using a proper password manager.

    Personally, I recommend Keepass - it has multiple clients for all platforms, and you can keep the file in sync with a program of your own choosing, like Dropbox, syncthing or whatever you like.

    • GissaMittJobb@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      Bitwarden is probably a more pragmatic choice for most users, given that it’s free and without having to manage the syncing yourself.

      Any password manager is better than the alternative, though.

      • NekuSoul@lemmy.nekusoul.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        Most amazingly, this setup is also unexpectedly resilient against merge conflicts and can sync even when two copies have changed. You wouldn’t expect that from tools relying on 3rd party file syncing.

        I still try to avoid it, but every time it accidentally happened, I could just merge the changes automatically without losing data.

      • GoJimi@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Exactly! Self hosted FTW. Chances of a data breach… Typically pretty minor if you are smart.

        • Lem453@lemmy.ca
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          Keep vaultwarden behind wireguard for local only access then also use https certs and good master password. Very secure like this

            • Lem453@lemmy.ca
              link
              fedilink
              English
              arrow-up
              1
              ·
              5 months ago

              Security in layers.

              All your services should be using https. Vaultwarden in particular won’t even run without https unless you bypass a bunch of security measures.

              This is how to setup local only and external https, I highly recommend this as a baseline setup for every homelab. It allows you to choose how much security you want on a per app basis and makes adding new apps trivially easy.

              https://youtu.be/liV3c9m_OX8?si=TSWXoN_8SJDpAHaW

    • dan1101@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      All of them are vulnerable to bugs though. Just a matter of luck.

        • dorythefish@discuss.online
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          One of the mobile clients corrupted all passwords for me. I ended up losing only 2 passwords, and only 1 I wasn’t able to restore. Good lesson on why backups are important though :)

          • PrettyFlyForAFatGuy@feddit.uk
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            One of the reasons i use Mega to sync my keepass db across devices where it’s needed. They have version control, so if it gets corrupted then i can restore from a previous version