i will never not be paranoid about password managers. storing all of your passwords in one place just screams compromisable to me
this is probably an irrational fear of mine, but i can never get it out of my head
@CyclopsCaveman the safest place for a password is written imo
@urusan this actually seems pretty cool, since it doesn't store any of the passwords in a database. the only way to compromise it would he to get the master password, which in this case looks like it can be anything? and would be much easier to keep secure than one for an online password manager
@CyclopsCaveman Yup, that's correct.
There's actually 2 keys: your master password and the name you use for the service.
You'll want a consistent naming scheme so you remember how to get your passwords, but the names can also serve as an extra layer of security.
Really, technically, all the options in lesspass are separate keys, though presumably you'd want to also keep your options consistent so you don't forget them.
@CyclopsCaveman you gotta secure that one place appropriately, but it also means you can trivially have different passwords for each account, which ends up much safer?
@CyclopsCaveman the counterpoint to this being that it is easier to secure one building than to secure two or three or eleven. (your fear is not irrational, it is a high value target.)
@CyclopsCaveman I get what you mean, I keep accounts that contain important stuff or that I've put a lot of money into (master email, steam etc) jotted locally.
I then use the password generator in bitwarden to generated the best password possible using all the options, write that down on paper and make it store all of my accounts that don't hold much value (twitter etc) then make duplicates of that bit of paper with all my master passwords on and keep one on me and keep the others elsewhere.
@CyclopsCaveman forever afraid that one day I'll succumb the hubris of being Tech Savvy and then forget my master password
@CyclopsCaveman cloud password managers sketch me out but if someone's got access to my physical hardware already, they're fully welcome to crack open my keepass databass. fuck it
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!