Password Managers
-
I recommend KeePass. It's freeware, is available on all platforms and supports biometrics (fingerprints, etc.) on Android devices. It also encrypts the password file on your device, so you can keep a copy of that file on a cloud service without worrying if that service really respects your privacy or not.
-
This is perhaps overkill, but you can also encrypt the contents of your online cloud storage with CryFS / Cryptomator. This is particularly useful if you wish to store sensitive documents (healthcare, finances, etc.) in a cloud environment in case of catastrophic destruction of property (destroying computers / on-site backups of data).
In this case you can also back up your KeePass file in this encrypted virtual storage medium, on top of the preexisting encryption of the database itself.
-
For iOS devices the most up-to-date client is "Strongbox". I don't think it is FOSS, but it is compliant with the standard. It's sadly a freemium app, but is quite well made in my testing. It cannot sync with Syncthing, but does support several cloud services, its own service (which uses iCloud), and local file transfer over LAN. They also have a version of the app with all network connectivity removed for security (if you prefer).
-
It's so much better since they updated the (IMO) ugly, dated UI design. It looks nice and fresh now. Bitwarden is the MVP.
-
No one has mentioned pwsafe, which was originally created by Bruce Schneier and is still maintained.
-
KeePass + Tresorit
-
Where would one find that?
-
What's up with Proton Pass? Any pointers?
-
https://github.com/keepassxreboot/keepassxc-browser/issues/1631#issuecomment-2464608760
I think that was the method that worked for me.
-
KeePassXC + WebDAV
-
Vaultwarden. It's FOSS Bitwarden. Host it on your own server/machine
-
Samesies!
One very important word of caution (unfortunately coming from experience): Syncthing, as the name suggests, makes it so the content of one device is the same as that of another device. So, even if you have one device set to only receive data, it means that if you delete a file from the sending device, the receiving device will also delete that file to stay in sync with the sending device. There is a way to use Syncthing as a simple backup storage program (not necessarily the best solution but much better than manually backing up your files every few months and just hoping for the best). But it means that you have to use the advanced folder option "ignoreDelete". I also use the file versioning system, so even if something is automatically deleted by mistake, it's still versioned in a special subfolder and accessible to me.
-
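The Syncthing behaviour described in the comment above (a receive-only folder still applies deletions unless `ignoreDelete` is set or file versioning keeps the old copy), as an added example that is not part of the thread: a Python check over a Syncthing `config.xml`. The sample config is constructed, and the element layout (`<folder type=...>`, `<ignoreDelete>`, `<versioning type=...>`) is assumed to match your Syncthing version.

```python
import xml.etree.ElementTree as ET

# Constructed sample config.xml; folder ids, labels and paths are made up.
SAMPLE_CONFIG = """<configuration version="37">
  <folder id="kp-vault" label="KeePass" path="/home/user/keepass" type="receiveonly">
    <versioning type="simple"><param key="keep" val="10"/></versioning>
    <ignoreDelete>true</ignoreDelete>
  </folder>
  <folder id="docs" label="Documents" path="/home/user/docs" type="receiveonly">
    <versioning></versioning>
    <ignoreDelete>false</ignoreDelete>
  </folder>
  <folder id="photos" label="Photos" path="/home/user/photos" type="sendreceive">
    <versioning type="staggered"/>
    <ignoreDelete>false</ignoreDelete>
  </folder>
</configuration>"""


def audit_folders(config_xml):
    """Map each folder id to how it would handle a deletion made on another device."""
    report = {}
    for folder in ET.fromstring(config_xml).iter("folder"):
        ftype = folder.get("type", "sendreceive")
        ignore_delete = (folder.findtext("ignoreDelete") or "").strip().lower() == "true"
        versioning = folder.find("versioning")
        vtype = versioning.get("type") if versioning is not None else None
        # Send-only folders do not apply remote changes, so remote deletes never land.
        applies_delete = ftype != "sendonly" and not ignore_delete
        report[folder.get("id")] = {
            "type": ftype,
            "applies_remote_delete": applies_delete,
            "versioning": vtype or None,
            # A delete is survivable if it is never applied or the old copy is versioned.
            "delete_survivable": (not applies_delete) or bool(vtype),
        }
    return report


def at_risk(config_xml):
    """Folder ids where a delete on another device removes the only local copy."""
    return sorted(fid for fid, r in audit_folders(config_xml).items()
                  if not r["delete_survivable"])


if __name__ == "__main__":
    print("at risk:", at_risk(SAMPLE_CONFIG))
```

To check a real setup, pass the text of your own `config.xml` to `at_risk()` instead of the sample.
-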
I would recommend people not do that unless they know they need to and again, if you know you need to, you’re not asking on Lemmy.
Hosting your own secrets not only puts the burden of protecting, providing access to and preserving the secrets entirely on you, but puts a very unique set of hosting goals squarely on you as well.
Even a skilled administrator with significant resources at hand would often be better served by simply using Bitwarden instead of hosting Vaultwarden.
An example I used in another thread about password managers was a disaster. When your local server is inoperable or destroyed and general local network failure makes your cloud-accessible backup unreachable, can you access your secrets safely from a public computer at the fire department, church or refugee center?
Bitwarden works well from public computers and there’s a whole guide for doing it as safely as possible on their website.
-
Yeah, I basically view it like a network drive in its default configuration. As if you were carrying around a USB drive.
-
Password manager from Proton (ProtonMail/ProtonVPN guys)
-
The last time I did this it was Dropbox and I ended up with a thousand conflict copies of the database.
-
Bitwarden.
If you want to keep it in a file you want to sync yourself: KeePass
-
KeePass + Syncthing is an undefeated combo
-
KeePassXC + Syncthing
Fully under your control
-
Definitely Bitwarden