Just take the string as bytes and hash it ffs

  • Frozyre@kbin.melroy.org
    link
    fedilink
    arrow-up
    6
    ·
    4 months ago

    It’s because of shit like this, I’ve had a document containing all passwords and accounts stashed away.

    I’m going to copy and paste, fuck anyone thinking I’m going to manually enter their shit.

        • dingus@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          edit-2
          4 months ago

          Yeah, I’m with you on that. Everyone on Lemmy loves password managers, but I don’t really like the idea of entrusting all of my passwords for everything with one singular program. I actually also dislike 2 factor authentication. One time my phone broke and my bank wanted to verify my identity to purchase a new phone. Except my phone was broken so I couldn’t… Yeah I really don’t want to run into that scenario again except worse.

          I’ve actually gone old school with it and I keep most passwords physically written down in a notebook using my own cypher language/pictograms. If someone irl really wants to break into my home, find the notebook, and try to decode it, I’d be in bigger trouble to begin with. It’s very unlikely.

          • desktop_user@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            0
            ·
            4 months ago

            2 factor when done right is nice, however phones should Never be a requirement for anything and 2fa should require at least two physical keys before being allowed to be enabled.

        • JustARegularNerd@lemmy.world
          link
          fedilink
          English
          arrow-up
          7
          ·
          4 months ago

          I ran into the same issue, I didn’t want to use a cloud password manager because entrusting literally every password I have to a third party and on the internet sounds absurd to me. KeePass seemed like a good idea for me, but at the time I fell back to syncing the vault by sending it to myself in Telegram any time I made a change. Certainly not ideal

          I now just have an RPi self hosting Vaultwarden with Tailscale, and for me that’s been the best solution that keeps me happy; it’s more secure as someone needs to compromise my Tailnet first, it’s not public facing, I’m not trusting a third party to not lose my vault (a la LastPass), but its still convenient.

          • skulkingaround@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            8
            ·
            4 months ago

            Keepass and syncthing are great combined. Functions fully locally even when I have no access to my home network, and changes get synced between my desktop, laptop, and phone whenever I have WAN access.

            • JustARegularNerd@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              4 months ago

              Yeah, I probably would have gone with that solution if I knew about it at the time, but now that I have Vaultwarden I’m pretty happy with it.

                • JustARegularNerd@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  4 months ago

                  I’m gonna be honest, for Vaultwarden I don’t. However, a local cached copy of the vault exists on all my devices that are signed in via the official Bitwarden client, and I have recovered using this method before, so that’s my backup strategy.

          • ColonelThirtyTwo@pawb.social
            link
            fedilink
            English
            arrow-up
            5
            ·
            4 months ago

            I use a keepass vault thrown in a syncthing directory but like literally any file sync will do. If you get conflicts, KeePassXC can merge them