this post was submitted on 17 Jul 2023
Am I a boomer for still using KeepassXC synced via Dropbox?
I've been using Keepass for 18 years. Nothing beats it. Recently switched from og to XC, and it's been a vast improvement in the workflow. I love that it can integrate into the browser.
KeepassXC + SyncThing in my case, to skip the middle man (Dropbox/Google drive)
Nope, that's a pretty secure password manager setup.
No sir, I did this for years. I used Kypass on my iPhone so I could use my passwords on my phone as well. I ended up switching to Bitwarden for easier 2FA implementation and granular password sharing rather than having to share my whole vault or manage a separated shared vault.
What kind of 2FA setup do you have?
I use Bitwarden with DUO as my Authenticator app. I know that you can set up keepass with 2FA via an extension but I didn’t find it as portable with my existing apps which is why I decided to make the switch
It works but partitions can and will happen and a merge afterwards is non-trivial AFAIK.
Nah, still a great solution if you like. That was my solution for years until just about a month ago I switched to bitwarden because it seemed easier to protect with a yubikey. I've liked it so far.
I took the opportunity to export all my passwords from Firefox, chrome, and KeePass, then spent about a day cleaning the whole mess up and removing duplicates, THEN imported the csv into bitwarden. Still getting used to not using chrome/Firefox for auto filling and storing passwords, but I like that my passwords don't feel so spread out across multiple browsers/dbs.
Do you encrypt it before syncing in Dropbox? Or just raw .kdbx and password (+ key)?
I just trust the built-in encryption, which makes it easier to read via keepass2android (since I don't have to do an extra decryption step).
Yeah that makes sense
Defense in depth is my thinking
I've read that it doesn't really improve security much? Or maybe it's just a matter of opinion.
Interesting. I assumed it did, two layers of encryption, different passcodes and ideally keys - not sure how it wouldn't, but now I need to research it
Do research it. I'm no expert or security nut, so I'm just relaying what I've read before. 👍🏻
These are my opinions, not a security expert or anything but - If your system is compromised two layers won't make a difference. If someone gets ahold of the KDBX, two layers might slow them down but if they have the compute to crack the KDBX in the first place a second layer won't make a difference.
Yeah, that makes a lot of sense, thanks for the insight!