It never made sense to me to put password managers in the cloud. Regards to what you intend it to do, you’re making it accessible to a wider audience than necessary. And yet, I’m using iCloud. It’s time for a change.
I’m thinking of just running a locally hosted password manager on my home server and letting my devices sync with it somehow when I’m at home. I have a VPN into my home network when I’m away that automatically triggers when I leave the house, so even that’s not that big an issue, but I’m really not familiar with what’s gonna cleanly integrate with all my stuff and be easy to use. All I know is I wanna kill the cloud functionality of my setup.
I already have a jellyfish server so I figured I would just throw this onto that. Any suggestions?
I do this for sites where I don’t care at all about security. One minor tip, that will protect against automated attacks if the password is cracked, is to add part of the website name into the password (e.g “mystrongp4ss!lemworld”) .
A human could easily crack it, but automated systems that replay the password on different sites would probably not bother to calculate the pattern.
If just one or those passwords gets leaked you might find a lot of other ones get cracked as well.
It may not be sites that you care about. But using a password manager is a lot less effort and a lot safer than whatever technique the average Joe will come up with.
Any password that leaks which could indicate a potential system ( e.g.: sitename in lower/upper/leetspeak) makes the whole thing even more vulnerable.
Just use something. Bitwarden, vault warden, keepassxc, …
Knowing my social circle I’d recommend bitwarden. Even paying for it costs a measly 10$/year, while the free version is very usable in itself. And generating passphrases or 32char passwords will be a lot safer than whatever the hell they can come up with.
Just avoid the default browser ones, big tech and LastPass.
This! I am an IT admin and inam constantly begging my coworkers to use a password manager, any password manager. My company will pay for you to use Bitwarden but if you don’t want to do that at least use the password manager built into chrome/edge. Please, I am begging you to use secure passwords and save them in a password manager.
(Obviously not you fellow Lemmy users I’m sure y’all have too notch security practices. Just venting lol)