how do you geniuses handle all your passwords? People like pword managers but I have like 4 different OSes i use every day and on top of that centralised pword management makes me nervous, upset, and crabby. what if I have to log in from some other system ???
@fastidious@arrakis.netbros.com Yes they are all personal.
I also use pass and the newer slightly more modern gopass
Good stuff!
Iāve been using a combination of āone password for everythingā (bad i know) and a sh script to make strong passwords for stuff that matters but Iāll probabaly switch to pass. The problem is we passed the point years ago where passwords that are secure (?) and meet the insane special character requirements are passwords I feel like typing out or even remembering. Kind of like I used to memorise my friendsā phone numbers as a kid but no moreā¦ that reminds me, I was recently able to log into my employer retirement account with just my birthdate and VOIP number š š
@will@twtxt.net I self-host Vaultwarden, then point the various Bitwarden apps (or my browser, if thatās all thatās available) at it. Auto-fill functionality in general does the rest. š Iāve only had one passphrase for years now, and any breach notifications I get are dealt with in seconds.
You can create an account on mine, if you want to try it out. š
Just read this yarn againā¦ My command line workflow is rubbish compared to many of you. š Going to look at using the official Bitwarden command line client, and maybe some aliasingā¦ Wonder whether I can use bw get password
to seamlessly pass secrets to commands?
It doesnāt happen very often, mind; I use keychain
to persist my SSH agent. Stillā¦ Hām. š¤
@jlj@twt.nfld.uk I use pass show
in shell pipelines myself š
@prologic@twtxt.net Neat! I mean, really, I should be using HashiCorpās Vault, to keep me sharp in the day job. ;-)
@will@twtxt.net At work we are using KeePass with Multi Cert KeyProvider Plugin.
https://www.creative-webdesign.de/en/software/keepass-plugins/multi-cert-keyprovider
We leave master password empty. Each person needs an own certificate to access the database file.
Not using a master password makes it easy to add or remove people with access w/o changing (and sharing) a master password.