I went in to delete mine. Was forced to put in my real name and current employer without any way to opt out. So for a short brilliant moment I was Bobo Bobolicious of Bob’s Boat Oars

  • bobs_monkey@lemm.ee
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    What’s a good multiplatform password manager these days? I’ve been meaning to move away from LastPass for forever (and update my passwords in the process), I just haven’t found the time to sort through all of that.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      arrow-up
      26
      ·
      9 months ago

      I really like BitWarden. Benefits:

      • open source - can even host your own storage server if you want (e.g. vaultwarden)
      • security audited
      • free - has paid tiers, but you probably don’t need them
      • apps - Desktop (Linux, Windows, macOS), browser extension (basically all of them?), mobile, command-line, web app

      It has some neat features and hasn’t annoyed me too much yet.

    • electricprism@lemmy.ml
      link
      fedilink
      arrow-up
      6
      arrow-down
      2
      ·
      9 months ago

      Say what you want about old timers but [ Notebook and Pencil ] has a 100% success rate if the attacker doesn’t have physical access.

      • catloaf@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        9 months ago

        Actually, that would make it easier to fall for a phishing page. My browser extension will only offer to fill example.com. If I’m on exarnple.com, it won’t. This makes me say “hmm, why no match for this page? ah! the domain is different”. With a notebook, I’d happily type the password in just the same.

        • electricprism@lemmy.ml
          link
          fedilink
          arrow-up
          1
          arrow-down
          4
          ·
          9 months ago

          PEBKAC isn’t really an argument greater than a Strawman. If you’re saying operators can’t be trusted to be competent you might as well argue that these people shouldn’t own computers or cellphones, or kitchen knifes or other things that require a minimum competence.

      • bobs_monkey@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        Sure, but that’s where the cross platform comes in, because I’d rather not have to lug said notebook around with me.

        • electricprism@lemmy.ml
          link
          fedilink
          arrow-up
          3
          arrow-down
          2
          ·
          9 months ago

          Convenience and Security are different goals. You can either put security before or after convenience.

          • bobs_monkey@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            9 months ago

            I’m gonna go for taking reasonable action of fortification and then try my luck.

            And negative, usable security is a delicate balance of security and convenience. It employs various layers of usable redundant security methods that keep things to the best possible and reasonable level of security available, while also maintaining useful defense. If I were doing anything rendering me a target of a malicious actor, that’s a different story. But run of the mill individual passwords for each website/service coupled with 2FA along with password database encryption is enough to keep a nobody like me reasonably comfortable.

      • 4am@lemm.ee
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        9 months ago

        I’m not typing a 64-character random string from a notepad everytime I log in somewhere tho

      • GustavoFring@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        And an encrypted vault probably has a near 100% success rate even if the attacker has access to it given a sufficient vault password.