this post was submitted on 05 Jul 2023
1515 points (98.5% liked)

Android

28179 readers
112 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 2 years ago
MODERATORS
 
(page 7) 50 comments
sorted by: hot top controversial new old
[–] o_o@programming.dev 4 points 1 year ago (4 children)

I toss my KeePass file (encrypted database) in Google Drive.

That way I have all the convenience of syncing through the cloud, but I also get the benefit of having my database access and database storage be managed by separate companies.

If Google has a breach and my data gets leaked, sucks, but the database is encrypted so I’m good. If KeePass encryption is broken, sucks, but attackers would also have to find a way to gain access to my Google Drive.

load more comments (4 replies)
[–] garyyo@lemmy.world 4 points 1 year ago

Anyone not using a password manager is shooting themselves in the foot and often time not realizing till its too late. Along with that sign up for a service that notifies you of data breaches, I think bitwarden has one built in (might only be for subscribing members though) and there is always https://haveibeenpwned.com/

[–] Fangslash@lemmy.world 4 points 1 year ago* (last edited 1 year ago) (2 children)

I don't use them. I see this as a putting all eggs in one basket strategy, if my master password was lost, hacked, hosting company shutdown, or for whatever reason refuse to do business with me, my entire life would be screwed.

Instead I use long passwords made of words, and for each site it will be a few letters off. They're easy for humans to remember because how similar they are, but due how hash works they are equivalent to unique passwords to hackers.

[–] democracy1984@lemmy.world 4 points 1 year ago (9 children)

Hashing only works if the website stores their passwords correctly. If a single website you use doesn't hash passwords correctly, and gets their database leaked, then your passwords will all be leaked. Changing a few characters per site may help a bit, but it shouldn't be relied on.

Also, if you're worried about the host shutting down, you should try bitwarden. It's completely open source, and you can self host it if you want.

load more comments (9 replies)
load more comments (1 replies)
[–] LucidLethargy@lemmy.world 4 points 1 year ago

There are a lot of people recommending a very specific program in this thread. Be skeptical, everyone. Do your research on the strengths and weaknesses of these types of tools, and the specific offerings of all current leading services.

[–] MavTheHack@lemmy.fmhy.ml 4 points 1 year ago

Keepass with syncthing is GOAT

[–] guybrush@lemm.ee 4 points 1 year ago (1 children)

KeePassX(C?) both on Windows and Linux. I used the windows version KeePass2 but there was a recent security vulnerability in it so I switched to KeePassX. Maybe it's already patched... auto-type doesn't seem to work in KeePassX on Windows so I might switch back but it's not that critical.

load more comments (1 replies)
[–] Malisu19997@lemmy.world 4 points 1 year ago (7 children)

I'm probably going to get grilled for this but I've Been using Firefox's Saved passwords, I really don't need anything better.

load more comments (7 replies)
[–] Krompus@lemmy.world 4 points 1 year ago (2 children)

Yeah I use Lastpass, it's very useful. I'd like to switch to something FOSS and locally encrypted, but honestly I've tried a couple times and never got it working properly, meanwhile Lastpass always works. I hate their blinding white UI lol.

load more comments (2 replies)
[–] s6original@lemmy.world 4 points 1 year ago

I absolutely use a password generator/manager. Using Bitwarden.

[–] Quaternions@lemmy.world 4 points 1 year ago

I use bit warden and I love it. And yes, I would recommend using a password locker. Just make sure you do some research before selecting one.

[–] mizu6079@vlemmy.net 4 points 1 year ago

I just use the Google password manager so i don't have to put everything in every time i log into an app or a website

[–] NBCooks@lemmy.world 4 points 1 year ago

Another vote for Bitwarden!

[–] MeanEYE@lemmy.world 4 points 1 year ago

I use pass which is a frontend for GnuPG. It's sort of primitive and I had to write user interface for it but it's super flexible. Since every password is saved in encrypted file syncing is easy and we use Git to share company passwords amongst ourselves.

[–] angrycustard@lemmy.world 4 points 1 year ago

Just moved from bitwarden to proton pass, so far so good. Would recommend keepass, bitwarden,1password but definitely not lastpass.

load more comments
view more: ‹ prev next ›