7
Elendil
8y

I started using Keepass like 2 months ago, and recently i started going through all my email accounts to compile a list of all the services i've ever signed up to; delete the accounts you don't need and move everything else to keepass with a strong passwd, that was the plan.
I'm still going, but out of the 60 i have so far, 10 sites just had the password, *in plain text*, in the confirmation email!! I don't even konw anymore, just end me now plz 😢

Comments
  • 0
    I'm using LastPass, but yeah, if the site doesn't safeguard the password, password management tools become useless.
  • 1
    Yup pretty much T^T I tried lastpass but it i opted out after a while since it was an online service, i don't really wanna trust proprietary cloud services with my passwords. If someone is gonba get them, it will be by my own incompetence alone :D
  • 0
    @Elendil I did the same some time ago and it was a great decision :)
    But I staid with LastPass because I use a lot of devices and switching USB with my keys database (not to mention smartphones / tablets) doesn't look fun. And my master password​ to LastPass is pretty unbreakable so even if they are hacked it's still pretty safe.
  • 0
    @Artemix cool, thank you! Any suggestions what should I use instead of LastPass? Something not cloud based I guess?
  • 1
    I'm also looking for some good one, that I can sync with my owncloud at home.
  • 1
    @palemajki @qwerty1337 I use KeePass with the database being synced on Dropbox, but protected with a composite key of a password and a keyfile - the keyfile never goes over the internet for added security. This way I get a little better security than even a brutal master password with still retaining the perks of having the passwords in the cloud. Sure, if Dropbox leaks the database file or something like that, someone can start working on cracking my password database open, but the password is guaranteed to be cryptographically random and not easily retrievable (you'd need to get access both to the file and to my master password) so it's not as safe as possible, but for cloud capabilities the amount of security I lose is acceptable to me.
  • 0
    @Elendil You might like Encrypr then. Also cloud based but end to end encrypted. Don't trust or believe them? Just get the source code from github and compile it yourself 😀
Add Comment