No way to prevent this says only password manager where this regularly happens.
KeePass2 on Desktops and Keepass2Android on Android.
And sync the database via syncthing, have a keyfile on each of your devices ans password protect it all
I’ve been a faithful BitWarden subscriber since almost he beginning, but read up on them. They’ve Been making some moves lately that point in a bad direction. Proceed with caution.
Any alternatives? Might jump ship before they fully enshitify and hope their users are too entrenched too leave
Use a vaultwarden instance. It’s bitwarden api compatible.
I think I may be too dumb for that…instance?..
https://vault.tchncs.de/ https://github.com/dani-garcia/vaultwarden
You can use the bitwarden app/extension with this. It’s basically a custom backend for bitwarden.
Bitwarden seems to be pretty clearly on the path of enshittification. They’ve been going towards closing off the self-hosted versions for a while, and moving their app out of repos that check licenses, with the likely aim of taking it closed source.
The usualy will surely follow.Not sure how soon, but I definitely wouldn’t newly go to them at this point.
VaultWarden will probably become what people who care about these things turn to for a cloud-based easy sync solution
What’s the point over keepass with syncthing?
that would be a non-cloudbased non-easy solution. personally, that’s what i’m doing, but i don’t anticipate most computer users wanting to go through the effort when so many people are still running windows 10 rather than switching to linux
Funny thing I switched from bitwarden to keepassxc + synchthing just yesterday.
And my best friend got interested in doing that as well (mostly syncthing, so she can backup her photos and stop relying on the apple ecosystem). I also convinced her to switch to Linux a while ago.
There’s a lot of regular non-techy users that yearn for things like that. They just need some support.
Bitwarden’s the only “cloud-based” password manager I trust, since their entire stack is open-source.
For self-hosting, they recently released Bitwarden Lite, which is a lot simpler to host than their regular server. One Docker image and you can use SQLite for the database. Different design decisions compared to the regular server which is designed to scale up to handle businesses with tens or hundreds of thousands of employees.
There’s also Vaultwarden, which is an unofficial third-party server implementation.
and ProtonPass. they’re both great.
Proton’s server is closed source so I don’t trust it as much as Bitwarden.
understandable.
proton pass comes with a subscription to the drive, email, and everything else, so its very easy to use.
Dumped them when they completely mismanaged their first breach.
which was either 7 or 4 years ago now (can’t remember)
😂 anyone still there deserves what they got
Edit: oh, okay it’s not as bad as last time…
The information accessed was limited to standard business contact information and related customer relationship management (CRM) data, including customer names, phone numbers, email addresses, and physical addresses, as well as support case data and sales-related data.
Sales-related data
So credit card numbers?
Maybe?
Use your brain. Literally. It’s the only safe way to store passwords.
I have over 300 different passwords for different accounts. I’m not remembering that many passwords.
Well, good luck when it’s your turn in the barrel.
I probably have around 100 accounts that I’d need to remember the passwords to, that’s not possible while keeping them actually decent and unique.
It is possible. I have 78 unique passphrases. You only need to train your brain and not turn it over to a machine.
Sure if it’s possible for you then it must be possible for everyone 😐. I’m sure that this will work for my ass. It’s not like I know from experience that I will forget anything of importance if I don’t write it down.
I keep a journal and a commonplace book (and a self hosted password manager) to remember anything of importance for no reason at all, silly me should have just remembered it. I just need to pull myself up by my bootstraps and stop being lazy duh.
You can do it. That’s my point. Yes it takes time. Yes it takes patience. Yes it takes practice. Your brain is an incredible machine capable of so many things, much more by far than a computer. Computers are chunks of silicon. They do basic addition. They just do it so much quicker is all. Yours is superior. Keep it exercised.
I do keep a cheat sheet of clues. Things that I write to remind me of the actual phrase, but I rarely need it. Make a point to memorize 10 a week. Custom photo screensavers (I use jpeg Saver 5.3 by Goat 1000) are great for flash cards. I find writing it out to be the best way to learn, but reading is my second, and listening is third (but rather poor considering I lose focus and miss bits). Try to learn how you learn best and exploit that. I used to have an old braintest that was incredibly accurate. It would tell you whether you were more inclined for audio or visual learning. It also defined your brains inclination to be left hemispheric or right hemispheric in its dominance. It was called brainworks. I think it ran on windows 95. For sure Windows 98SE.
Honestly, a lot of the ones I ended up needing to lookup or reset were the ones that are restricted with a maximum length and I cant use an entire phrase. That just jambs up my plumbing, if you know what I mean.
Flashcards. Write down your credentials and memorize them. Throw them away willy nilly when you’re done.
Hey, don’t use a password manager like KeePass, because brain is the only safe place to store passwords. In order to do that, WRITE THEM ON FLASH CARDS to memorize them and then THROW THEM AWAY
Tell me it was a joke
Flashcards are your brains friend. They are no joke.
Writing down your password is breaking the very first rule ever made about passwords. A cliche. Only appears in fiction
Write clues to your passphrase, not the actual passphrase. I spend a fair amount of time making my username and password. I choose something that I’m going to remember.
As an example, I was asked to attend a meeting to check out a point maker, a box that bombards objects with photons to collect the reflections, generating a 3d point cloud model that can be measured in cad. This particular one was fairly awful. Bottom of the barrel effort. The salesman was a complete slob, he was late, he took forever to set it up and had much difficulty getting it to actually work. When it did, it measured a 12.75" brick at 14.5". I knew right away it was shit.
They forced us to create an new account on the laptop with the software as it was too advanced and proprietary (pukes) for me to run it on my cad workstation. So, my password begrudgingly became a stylized derivation of “This Guys Balls Smell Like Cheese”. I still remember that password to this day 12 years later.
Not only that, but when we would have the guy out to troubleshoot, I would sometimes have to log in for him to repeat our steps. The salesman was always impressed with my typing speed and ability to remember my password. He probably never even knew my password was a total insult at him. My clue for the pass phrase was “Lynard Skynard”.
You should try KeePass or VaultWarden. A new account is just a few clicks away. You can do the mind tricks with the main password.
That would work, if I had like ten or twenty of them to remember.
No amount of studying is gonna make me remember almost a hundred strings of 24 random characters, and what string goes to what account
Don’t use random characters. Use absurd phrases that mean something to you.
It was supposed to be joke 😔
Damn, I see that now. The heat wave is making me stupid, my brain isn’t made for 35C
Not very safe passwords.
Oh really? What is it? Please tell.
