-- Leo's gemini proxy

-- Connecting to nicksphere.ch:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini;lang=en-US

 _  _ _    _        _              _     _
| \| (_)__| |_  ___| |__ _ ___  _ | |___| |_  _ _  ___ ___ _ _
| .` | / _| ' \/ _ \ / _` (_-< | || / _ \ ' \| ' \(_-</ _ \ ' \
|_|\_|_\__|_||_\___/_\__,_/__/  \__/\___/_||_|_||_/__/\___/_||_|


🔗 Return to homepage


📆 January 9, 2022 | ⏱️ 2 minute read | 🏷️ computing



Use a Password Manager


It's frustrating watching normies forget their insecure passwords. I've almost come to the point of refusing helping people recover accounts of forgotten passwords unless they also let me set up a password manager for them. If I don't, it invariably ends in them forgetting or misplacing their passwords again.


A password manager is a program that remembers your passwords for you. The main idea is there's one master password you use to access all your other passwords. If you don't use a password manager for your passwords, excluding disk encryption, then you're doing passwords wrong.


To make the best use of a password manager, the master password should be secure¹ and you should keep a backup of your password database. You should also use two-factor authentication. Just create a dedicated password database on a separate device only for TOTP codes². That will make it very difficult for an attacker to break into your accounts.


Be sure to use a free, preferably non-networked password manager like KeepassXC³ for desktop and KeepassDX⁴ for Android. Just don't use proprietary poo like LastPass. Passage⁵ seems like a good option for power users. If you need your passwords synced on multiple devices, you can use Bitwarden⁶.


I know exactly what some people are thinking: "I just use the same/similar password for everything. It's easier!". If this is you, you need a password manager. Reusing passwords for online accounts is extremely foolish.


Password managers put all your eggs in one secure basket, or two baskets if you're using TOTP. Password reuse is the opposite. It puts all your eggs in every basket. If even one of the sites you use is compromised, all your accounts are doomed. Don't assume it won't happen to you.


Secure your accounts before something happens. Use a password manager.



References


🔗 [1]: the master password should be secure

🔗 [2]: TOTP codes

🔗 [3]: KeepassXC

🔗 [4]: KeepassDX

🔗 [5]: Passage

🔗 [6]: Bitwarden



Copyright 2020-2024 Nicholas Johnson. CC BY-SA 4.0.

-- Response ended

-- Page fetched on Sat May 11 21:42:19 2024