Re: password manager

Response below/inline for email Paul M. Foster wrote: > (original email sent 8 Oct 2024 at 20:50) > > Let me provide a dissenting view. I use "pass". +1 it allows for a hierarchical representation of the different entries and bonus marks because there is an excellent Emacs mode. -- Eric S Frag

Re: password manager

On October 8, 2024 7:50:29 PM CDT, "Paul M. Foster" wrote: >On 10/8/24 19:11, fxkl4...@protonmail.com wrote: >> what are y'alls recommendations for a password manager >> i've always used firefox's builtin manager >> but it's gotten to where it only works about half the time >> it's a pita look

Re: password manager

On 09/10/2024 06:11, fxkl4...@protonmail.com wrote: what are y'alls recommendations for a password manager Have you had a look into mailing list archives? E.g. Password managers. Thu, 9 Nov 2023 11:05:53 -0500

Re: password manager

On Wed, Oct 09, 2024 at 17:39:53 -0400, e...@gmx.us wrote: > Wow. Thanks for explaining that. Fortunately, I only have Debian and plan > to change things as little as possible in the future, so I think that if I > leave things as they are, they'll keep working for a while. I do have > ~/.xsessio

Re: password manager

On 10/9/24 17:09, Greg Wooledge wrote: On Wed, Oct 09, 2024 at 15:55:35 -0400, e...@gmx.us wrote: That worked. Maybe ~/.xinitrc is an old location? I'll probably leave it there unless there's a good reason to move it. [algorithm from heck] If reading this leads you to scream "WHY in the HE

Re: password manager

Hi, Le 09/10/2024, Greg Wooledge a écrit: > If reading this leads you to scream "WHY in the HELL is it this > COMPLICATED?!", know that you are not alone. Unfortunately, this is > only a small part of the picture. The full picture is even worse. Yup, I'm pretty sure there was also ~/.dmrc at

Re: password manager

On Wed, Oct 09, 2024 at 15:55:35 -0400, e...@gmx.us wrote: > That worked. Maybe ~/.xinitrc is an old location? I'll probably leave it > there unless there's a good reason to move it. .xinitrc is the dotfile used by startx across multiple Unix/Linux implementations. Debian's startx will use that

Re: password manager

On 10/9/24 10:05, e...@gmx.us wrote: On 10/8/24 22:11, Ash Joubert wrote: To set environment variables for applications started by XFCE, add lines before the last line in ~/.config/xfce4/xinitrc That file doesn't exist, but this one might work: eben@cerberus:~$ stat ~/.xinitrc ... I put

Re: password manager

Hello, I would personally recommend Bitwarden[1], it has pretty good functionalities with proper syncing out of the box. Though if you want 2fa included in it you will have to either pay or self-host an instance (I self host my own Vaultwarden[2] instance and it is fairly easy.) [1] https:/

Re: password manager

KeepPass here as well, and (not my choice) a proprietary locker at work. Can't help responding to someone with a Life glider in their sig :-) On Tue, Oct 8, 2024, 9:30 PM Dan Purgert wrote: > On Oct 08, 2024, fxkl4...@protonmail.com wrote: > > what are y'alls recommendations for a password manag

Re: password manager

On 10/8/24 22:11, Ash Joubert wrote: On 2024-10-09 13:38, e...@gmx.us wrote: On 10/8/24 20:13, Ash Joubert wrote: On 2024-10-09 13:00, e...@gmx.us wrote: I use (and like) keepassx.  The only thing I don't like is right now the type is really small.  It used to be readable. keepassxc is a Qt5

Re: qt5ct and environment variables (was: Re: password manager)

On Wed, Oct 09, 2024 at 09:52:13 +0700, Max Nikulin wrote: > On 09/10/2024 07:38, e...@gmx.us wrote: > > > > Huh.  If I run it from a terminal emulator it looks fine, but if XFCE > > launches it the text is tiny.  Looks like QT_QPA_PLATFORMTHEME isn't being > > set.  Which means something is runni

qt5ct and environment variables (was: Re: password manager)

On 09/10/2024 07:38, e...@gmx.us wrote: Huh.  If I run it from a terminal emulator it looks fine, but if XFCE launches it the text is tiny.  Looks like QT_QPA_PLATFORMTHEME isn't being set.  Which means something is running a not-login shell, something between startx and xfwm.  It's defined in ~

Re: password manager

On 2024-10-09 13:38, e...@gmx.us wrote: On 10/8/24 20:13, Ash Joubert wrote: On 2024-10-09 13:00, e...@gmx.us wrote: I use (and like) keepassx.  The only thing I don't like is right now the type is really small.  It used to be readable. keepassxc is a Qt5 application and honours Qt font settin

Re: password manager

On 10/8/24 19:11, fxkl4...@protonmail.com wrote: what are y'alls recommendations for a password manager i've always used firefox's builtin manager but it's gotten to where it only works about half the time it's a pita looking up and typing long cryptic passwords and i'm lazy Let me provide a di

Re: password manager

On 10/8/24 20:13, Ash Joubert wrote: On 2024-10-09 13:00, e...@gmx.us wrote: I use (and like) keepassx. The only thing I don't like is right now the type is really small. It used to be readable. keepassxc is a Qt5 application and honours Qt font settings. Under XFCE, I use qt5ct and set the

Re: password manager

On 09/10/2024 00:11, fxkl4...@protonmail.com wrote: what are y'alls recommendations for a password manager i've always used firefox's builtin manager but it's gotten to where it only works about half the time it's a pita looking up and typing long cryptic passwords and i'm lazy I've relied on P

Re: password manager

On 2024-10-09 13:00, e...@gmx.us wrote: I use (and like) keepassx.  The only thing I don't like is right now the type is really small.  It used to be readable. keepassxc is a Qt5 application and honours Qt font settings. Under XFCE, I use qt5ct and set the environment variable QT_QPA_PLATFORMT

Re: password manager

On 2024-10-09 12:11, fxkl4...@protonmail.com wrote: what are y'alls recommendations for a password manager i've always used firefox's builtin manager but it's gotten to where it only works about half the time it's a pita looking up and typing long cryptic passwords and i'm lazy keepassxc -- As

Re: password manager

On 10/8/24 19:11, fxkl4...@protonmail.com wrote: what are y'alls recommendations for a password manager i've always used firefox's builtin manager but it's gotten to where it only works about half the time it's a pita looking up and typing long cryptic passwords and i'm lazy I use (and like) ke

Re: password manager

On Wed, Oct 9, 2024, at 00:11, fxkl4...@protonmail.com wrote: > what are y'alls recommendations for a password manager > i've always used firefox's builtin manager > but it's gotten to where it only works about half the time > it's a pita looking up and typing long cryptic passwords > and i'm lazy

Re: password manager

On Oct 08, 2024, fxkl4...@protonmail.com wrote: > what are y'alls recommendations for a password manager keepassxc here. -- |_|O|_| |_|_|O| Github: https://github.com/dpurgert |O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860 signature.asc Description: PGP signature

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

On Mon 02 Apr 2018 at 09:07:16 -0400, rhkra...@gmail.com wrote: > Just continuing to think (or maybe not think ;-) about password managers / > password security, changing the focus slightly (I think) but keeping the same > thread. > > I'm now thinking about the security (or vulnurability) of p

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

On Mon 02 Apr 2018 at 09:07:16 -0400, rhkra...@gmail.com wrote: > Just continuing to think (or maybe not think ;-) about password managers / > password security, changing the focus slightly (I think) but keeping the same > thread. > > I'm now thinking about the security (or vulnurability) of p

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

Am 02. Apr, 2018 schwätzte rhkra...@gmail.com so: moin moin, Just continuing to think (or maybe not think ;-) about password managers / password security, changing the focus slightly (I think) but keeping the same thread. I'm now thinking about the security (or vulnurability) of passwords duri

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

Thanks to tomas, Roberto, and likcoras! All good points! I'm embarrassed to admit that I hadn't thought (at least to the best of my recent recollection) of the need to encrypt swap--that's something I'll want to deal with soon. On Monday, April 02, 2018 09:15:08 AM to...@tuxteam.de wrote: > O

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

On Mon, Apr 02, 2018 at 09:07:16AM -0400, rhkra...@gmail.com wrote: > > The first two situations that come to mind include: > >* during copy and paste operations, the plaintext password could remain on > the C&P "stack". thus making it vulnurable: Some notes: > > (1) I've read about

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Apr 02, 2018 at 09:07:16AM -0400, rhkra...@gmail.com wrote: > Just continuing to think (or maybe not think ;-) about password managers / [...] I don't know of the others (I never felt the need for a PW manager myself) but... >* during

Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

Just continuing to think (or maybe not think ;-) about password managers / password security, changing the focus slightly (I think) but keeping the same thread. I'm now thinking about the security (or vulnurability) of passwords during "normal" usage--I mean, I'm thinking about the times when

Re: Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On Fri 30 Mar 2018 at 12:15:18 (-0400), rhkra...@gmail.com wrote: > On Friday, March 30, 2018 11:17:32 AM Eduardo M KALINOWSKI wrote: > > There's ~/.config > > (https://www.freedesktop.org/software/systemd/man/file-hierarchy.html#~/.co > > nfig) . Many apps use it, but still the majority uses ~ dir

Re: Password Manager opinions and recommendations

On 31/03/18 05:57, der.hans wrote: > Captcha is still annoying and needs an "I am a cyborg" option. Cloudfare is an issue, I'm growing to hate it as much as Google, perhaps more. CF relies upon Google for captcha, why can't they use and create their own? I would prefer a captcha from DDG, at l

Re: Update: Re: Password Manager opinions and recommendations

On 3/30/18, rhkra...@gmail.com wrote: > On Friday, March 30, 2018 08:44:53 AM Curt wrote: >> On 2018-03-30, Tomaž Šolc wrote: >> > Hi >> > >> > On 27. 03. 2018 03:02, rhkra...@gmail.com wrote: >> >> I have what might be called a "religious" aversion to storing what >> >> I=20 >> >> consider "real

Re: Password Manager opinions and recommendations

Am 30. Mar, 2018 schwätzte rhkra...@gmail.com so: moin moin, As I sometimes (often?) do, just commenting on a few points: On Friday, March 30, 2018 04:39:05 AM der.hans wrote: Am 26. Mar, 2018 schwätzte Richard Hector so: On 26/03/18 04:52, rhkra...@gmail.com wrote: We can add character s

Re: Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

Am 30. Mar, 2018 schwätzte rhkra...@gmail.com so: moin moin, I tend to keep my created data in ~/local/, so ~/local/bin/, ~/local/etc/, ~/local/sandbox/, ~/local/data/, etc. I then link some of the dotfiles I want to preserve into ~/local/etc/, e.g. .mozilla, .screenrc and .vim. I haven't been

Re: Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On Friday, March 30, 2018 11:17:32 AM Eduardo M KALINOWSKI wrote: > There's ~/.config > (https://www.freedesktop.org/software/systemd/man/file-hierarchy.html#~/.co > nfig) . Many apps use it, but still the majority uses ~ directly (and > probably allways will). And now to comment on the above (aga

Re: Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On Friday, March 30, 2018 11:17:32 AM Eduardo M KALINOWSKI wrote: > There's ~/.config > (https://www.freedesktop.org/software/systemd/man/file-hierarchy.html#~/.co > nfig) . Many apps use it, but still the majority uses ~ directly (and > probably allways will). True, but I mainly wanted to comment

Re: Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On 30-03-2018 11:47, rhkra...@gmail.com wrote: > * with that in mind, some of my proposals to various people (including > the > FHS) included things like creating a new directory, then keeping one named > /home and naming the new one either something like /data (for real user data, > and keeping

Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On Friday, March 30, 2018 09:57:02 AM rhkra...@gmail.com wrote: > Anyway, these days, I store all my "real user data" in directories other > than ~, these include directories like /01, /02, (e.g., > /bob01, /bob02, /back01, back02), and I have no fear / reluctance to > create other such top level d

Re: Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On Fri, Mar 30, 2018 at 09:57:02AM -0400, rhkra...@gmail.com wrote: > It (the stuff stored as hidden files) is what I now call "user configuration > data" as opposed to what I call "real user data", which I define as files > I've > created or intentionally captured / stored--things like text doc

Re: Update: Re: Password Manager opinions and recommendations

On Friday, March 30, 2018 08:44:53 AM Curt wrote: > On 2018-03-30, Tomaž Šolc wrote: > > Hi > > > > On 27. 03. 2018 03:02, rhkra...@gmail.com wrote: > >> I have what might be called a "religious" aversion to storing what I=20 > >> consider "real" user data in /home. > > > > I'm curious. Why do y

Storing "real" user data: was: Re: Update: Re: Password Manager opinions and recommendations

On Friday, March 30, 2018 07:54:03 AM Tomaž Šolc wrote: > Hi > > On 27. 03. 2018 03:02, rhkra...@gmail.com wrote: > > I have what might be called a "religious" aversion to storing what I > > consider "real" user data in /home. > > I'm curious. Why do you have this aversion and where do you store

Re: Password Manager opinions and recommendations

As I sometimes (often?) do, just commenting on a few points: On Friday, March 30, 2018 04:39:05 AM der.hans wrote: > Am 26. Mar, 2018 schwätzte Richard Hector so: > > On 26/03/18 04:52, rhkra...@gmail.com wrote: > We can add character set requirements and most sites now allow 30+ > characters, so

Re: Update: Re: Password Manager opinions and recommendations

On 2018-03-30, Tomaž Šolc wrote: > > Hi > > On 27. 03. 2018 03:02, rhkra...@gmail.com wrote: >> I have what might be called a "religious" aversion to storing what I=20 >> consider "real" user data in /home. > > I'm curious. Why do you have this aversion and where do you store "real" > user data? >

Re: Update: Re: Password Manager opinions and recommendations

Hi On 27. 03. 2018 03:02, rhkra...@gmail.com wrote: > I have what might be called a "religious" aversion to storing what I > consider "real" user data in /home. I'm curious. Why do you have this aversion and where do you store "real" user data? This is the first time I've heard about not storin

Re: Password Manager opinions and recommendations

Am 26. Mar, 2018 schwätzte Richard Hector so: moin moin, On 26/03/18 04:52, rhkra...@gmail.com wrote: I started reading up on password managers in order to consider using one. I use the keepass family - KeePassX on Debian, KeePassDroid on Android. I believe Windows and Mac versions are avail

Re: Update: Re: Password Manager opinions and recommendations

On Wed 28 Mar 2018 at 15:27:44 +1300, Richard Hector wrote: > On 28/03/18 00:19, Brian wrote: > > I eventually settled on masterpasswordapp > > because the re-creation aspect appealed to me, it was actively > > maintained, the author's well-thought arguments were convincing > > and (insofar as I c

Re: Update: Re: Password Manager opinions and recommendations

On 28/03/18 00:19, Brian wrote: > I eventually settled on masterpasswordapp > because the re-creation aspect appealed to me, it was actively > maintained, the author's well-thought arguments were convincing > and (insofar as I could judge) it is secure. > > But it did take some time to come to a d

Re: Password Manager opinions and recommendations

On Tuesday, March 27, 2018 08:47:10 AM rhkra...@gmail.com wrote: > On Tuesday, March 27, 2018 04:08:07 AM Joe wrote: > > On Mon, 26 Mar 2018 17:38:33 -0400 > > > > rhkra...@gmail.com wrote: > > > > > Yes, at least I think so, unless there is some standard for how > > > > > to handle passwords (inc

Re: Password Manager opinions and recommendations

On Tuesday, March 27, 2018 04:08:07 AM Joe wrote: > On Mon, 26 Mar 2018 17:38:33 -0400 > > rhkra...@gmail.com wrote: > > > > Yes, at least I think so, unless there is some standard for how > > > > to handle passwords (including changing them) on websites. I > > > > suspect that there isn't. There

Re: Update: Re: Password Manager opinions and recommendations

On Tuesday, March 27, 2018 03:57:24 AM Joe wrote: > Something I haven't seen mentioned: KeePassX does a kind of poor man's > two-factor authentication, allowing the use of both a password and an > arbitrary file in its encryption. So it's possible to store the file on > your computer(s) and carry t

Re: Update: Re: Password Manager opinions and recommendations

On Tuesday, March 27, 2018 12:56:24 AM Kushal Kumaran wrote: > Set the PASSWORD_STORE_DIR environment variable to point to your > location of choice. This is mentioned in the "Environment Variables" > section of the pass(1) manpage. Thanks! I missed that.

Re: Update: Re: Password Manager opinions and recommendations

On Mon 26 Mar 2018 at 21:02:48 -0400, rhkra...@gmail.com wrote: > Thanks to all who replied! > > I thought I'd summarize where I am: > > I like three of the suggestions (from what I've seen / investigated > (slightly) > so far, but with some comments: > >* pass: appeals to me a lot--the

Re: Password Manager opinions and recommendations

On Mon, 26 Mar 2018 17:38:33 -0400 rhkra...@gmail.com wrote: > > > > > > > Yes, at least I think so, unless there is some standard for how > > > to handle passwords (including changing them) on websites. I > > > suspect that there isn't. There may be some commonality in > > > websites generated

Re: Update: Re: Password Manager opinions and recommendations

On Mon, 26 Mar 2018 21:02:48 -0400 rhkra...@gmail.com wrote: > Thanks to all who replied! > > I thought I'd summarize where I am: > > I like three of the suggestions (from what I've seen / investigated > (slightly) so far, but with some comments: > >* pass: appeals to me a lot--the one pro

Re: Update: Re: Password Manager opinions and recommendations

rhkra...@gmail.com writes: > Thanks to all who replied! > > I thought I'd summarize where I am: > > I like three of the suggestions (from what I've seen / investigated > (slightly) > so far, but with some comments: > >* pass: appeals to me a lot--the one problem for me (for which I believe

Re: Password Manager opinions and recommendations

On Mon, Mar 26, 2018 at 08:34:28PM +0100, Brian wrote: > On Sun 25 Mar 2018 at 22:43:26 +0200, Ángel wrote: > > > On 2018-03-25 at 19:47 +0100, Brian wrote: > > > 1 day after the breach your data had been compromised. Changing your > > > password 10 days later on in your 1 month cycle doesn't seem

Re: Update: Re: Password Manager opinions and recommendations

On Mon, 26 Mar 2018 21:02:48 -0400 rhkra...@gmail.com said: > Thanks to all who replied! You are welcome. :) >* I also like the approach suggested by Abdullah Ramazanoglu (and > the somewhat similar Diceware), but I almost didn't find the emails > from Abdullah-- for some reason my email cl

Update: Re: Password Manager opinions and recommendations

Thanks to all who replied! I thought I'd summarize where I am: I like three of the suggestions (from what I've seen / investigated (slightly) so far, but with some comments: * pass: appeals to me a lot--the one problem for me (for which I believe I've found the solution) is that it stores

Re: Password Manager opinions and recommendations

On Monday, March 26, 2018 03:49:38 PM Brian wrote: > On Sun 25 Mar 2018 at 21:54:22 -0400, rhkra...@gmail.com wrote: > > > at some time in the future> > > > > On Sunday, March 25, 2018 08:38:25 PM Richard Hector wrote: > > > On 26/03/18 04:52, rhkra...@gmail.com wrote: > > > >* a means to aut

Re: Password Manager opinions and recommendations

On Sun 25 Mar 2018 at 21:54:22 -0400, rhkra...@gmail.com wrote: > some time in the future> > > On Sunday, March 25, 2018 08:38:25 PM Richard Hector wrote: > > On 26/03/18 04:52, rhkra...@gmail.com wrote: > > >* a means to automatically update passwords on the target websites (to > > > > > >

Re: Password Manager opinions and recommendations

On Sun 25 Mar 2018 at 22:43:26 +0200, Ángel wrote: > On 2018-03-25 at 19:47 +0100, Brian wrote: > > 1 day after the breach your data had been compromised. Changing your > > password 10 days later on in your 1 month cycle doesn't seem to me to > > be reactive security. Better than nothing, I suppos

Re: Password Manager opinions and recommendations

On 26/03/18 15:13, Abdullah Ramazanoglu wrote: Forgot to mention. For that (and other things) I use a separate dumb browser without any active content capabilities (Java, JS, plugins, etc.) It is also worth mentioning: Firefox Master Password System Has Been Poorly Secured for the Past 9 Years

Re: Password Manager opinions and recommendations

On 26/03/18 04:52, rhkra...@gmail.com wrote: Here are some of what I think are my criteria for a password manager: * encrypted storage on my own machines (no storage "in the cloud") * ability to transfer to other devices, including Android tablets and phones [...] * a means to autom

Re: Password Manager opinions and recommendations

On Sunday, March 25, 2018 08:38:25 PM Richard Hector wrote: > On 26/03/18 04:52, rhkra...@gmail.com wrote: > >* a means to automatically update passwords on the target websites (to > > > > facilitate regular / frequent password changes)--this is probably a > > stretch--I mean something that

Re: Password Manager opinions and recommendations

On Sun, 25 Mar 2018 11:52:13 -0400 rhkra...@gmail.com said: > I started reading up on password managers in order to consider using > one. > > Up until now, I've made up passwords myself, and stored them in an > encrypted file. Some of the drawbacks include: > >* I keep the passwords on t

Re: Password Manager opinions and recommendations

On 26/03/18 04:52, rhkra...@gmail.com wrote: > I started reading up on password managers in order to consider using one. I use the keepass family - KeePassX on Debian, KeePassDroid on Android. I believe Windows and Mac versions are available as well. >* encrypted storage on my own machines (n

Re: Password Manager opinions and recommendations

likcoras writes: > I think pass (https://www.passwordstore.org/) meets most of your > requirements. It's a glorified shell script that calls gpg under the > hood to create passwords that are stored locally (under > ~/.password-store). I concur with the recommendation for Password Store, in this

Re: Password Manager opinions and recommendations

On 2018-03-25 at 19:47 +0100, Brian wrote: > 1 day after the breach your data had been compromised. Changing your > password 10 days later on in your 1 month cycle doesn't seem to me to > be reactive security. Better than nothing, I suppose, but closing the > door after etc. > > In any case, your

Re: Password Manager opinions and recommendations

On Sun 25 Mar 2018 at 14:06:53 -0400, Roberto C. Sánchez wrote: > On Sun, Mar 25, 2018 at 06:48:15PM +0100, Brian wrote: > > On Sun 25 Mar 2018 at 11:52:13 -0400, rhkra...@gmail.com wrote: > > > > The PIN for my credit card has only four digits. > > > > >* I don't change the passwords as oft

Re: Password Manager opinions and recommendations

On Sun, Mar 25, 2018 at 06:48:15PM +0100, Brian wrote: > On Sun 25 Mar 2018 at 11:52:13 -0400, rhkra...@gmail.com wrote: > > The PIN for my credit card has only four digits. > > >* I don't change the passwords as often as I should > > There isn't and never has been a need to do this. Passwor

Re: Password Manager opinions and recommendations

On Sun 25 Mar 2018 at 11:52:13 -0400, rhkra...@gmail.com wrote: > I started reading up on password managers in order to consider using one. > > Up until now, I've made up passwords myself, and stored them in an encrypted > file. Some of the drawbacks include: > >* I keep the passwords o

Re: Password Manager opinions and recommendations

On 03/26/2018 12:52 AM, rhkra...@gmail.com wrote: > I started reading up on password managers in order to consider using one. Good! Welcome aboard. > Here are some of what I think are my criteria for a password manager: > >* encrypted storage on my own machines (no storage "in the cloud")