Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What is your password management solution?
192 points by ericb on July 15, 2017 | hide | past | favorite | 301 comments
I'm a bit unhappy with 1Password. I don't want a subscription service, I want something that keeps an encrypted file that I can put in dropbox.

What is everyone else using these days?

`pass` is a nice command line tool that stores gpg2 encrypted password files. It's simple, super handy and doesn't require you to trust any third party with what you're storing. website: https://www.passwordstore.org/ man page: https://git.zx2c4.com/password-store/about/

+1 for `pass`. I wrote a handy Bash script [1] that lets me easily search my passwords without having an exact match (e.g., `fpass fin cap one` quickly finds my password info for "Financial/CapitalOne.gpg"). It makes pulling up passwords so much easier as I only need to remember fragments of how I stored it instead of trying to remember exact folders and names using auto-complete to find the password.

I also use iTerm2's system-wide hotkey [2] to quickly show/hide a dedicated terminal window that I use for retrieving passwords.

I've been using this setup for years now and I absolutely love it. The only downside is no access from my phone, but I always have my laptop with me and I memorize passwords that I frequently use.

1. https://github.com/raamdev/bin/blob/master/fpass

2. https://apple.stackexchange.com/a/48805

> The only downside is no access from my phone.

On Android, I use Password Store to sync my `pass` directory and use it from the phone. It a very high quality app, I had no issues after years of usage.


Keepass user here wanting to switch over to pass, this is exactly the missing piece of the puzzle I needed - thank you!

I'm looking into using pass / keepass, any particular reason you are switching over to pass?

I think I'm currently in a minimalist phase; the KeePassX UI is too feature rich and cluttered and makes me want to configure everything but I don't want to manage that.

If that's not a problem for you, KeePassX is definitely a solid password manager!

> The only downside is no access from my phone

For iOS: https://github.com/mssun/passforios works really well and it's open source.

Oh my ZSH (http://ohmyz.sh/), if you use zsh of course, has autocomplete, so folders and GPG files are only a few tabs away.

Don't need omz for autocomplete, it's already there in zsh. I TBH don't really like omz. It feels bloated, and I don't really need anything else on top of the already-awesome zsh.

Instead of hiding the window, why don't you look into using terminal colors to hide the password? That way the passwords aren't visible until you highlight them.

Better to use the '-c' option to put the password in the clipboard and not display it in the terminal.

If you're not going to use 1Password, which is still the only commercial password manager I'll recommend, "pass" is probably your best alternative.

As a LastPass user, any particular reasons why I should avoid them? Is it down to all the security issues they've faced lately?

Neither are deal breakers for me, but I get issues with their plugins sometimes.

The deal breaker for me before vs 1PW was that I would store quite a bit of info in 1PW for some logins. Filling out a whole sign up form might include birthday security question/answer, name, and more. For various reasons, I don't always use real info so having this info automatically saved or easily added as new fields is great. I know Lastpass has a few extra field options and a notes section within each login, but the fields aren't enough and I don't want to have to manually add all the info into the notes like some people I know do. I'd rather pay a few dollars more a month and get the convenience and time saved.

I'm sure it makes up for the extra ~$25 a year. And the family plan at $60 a year for up to 5 family members isn't a bad deal in my opinion either if that can work for you. I know it sucks compared to buying the apps one time, but I don't feel it is as bad the outcry was/still is.

I guess I'm looking at this strictly in terms of what is best for my day to day life. It's not worth it worrying about a few extra dollars a month when I only have a handful of subscriptions as it is.

1Password is the only commercial password manager I recommend, but I'll go further than that when it comes to LastPass and say: I really think you should avoid LastPass, and, if you're using it, migrate to something else.

I'm not going to go into details, sorry.

Why do the trouble of replying but fail to explain your reasons? That's wasting your own time mostly.

I would recommend 1password over lastpass as well. First reason being the security issues of lastpass chrome extension. Though claimed it is fixed now they have claimed before on other issues only to be proven wrong after. I simply don't trust them anymore with my data.

But even more I would choose 1password over its usability. I used lastpass before but switched during the past few security issues reported. I have never looked back. 1Password is much better integrated in your mobile devices. The app feels more robust and is easier to operate. In addition the whole process of setting up your devices felt easier and more secure using 1password.

Second. My wife understands it which is a big plus. She doesn't complain anymore about the cumbersome lastpass. We keep a shared vault as well. That alone is worth every penny and maybe the only reason I keep with a commercial password manager. I don't think she will use the alternatives.

I would strongly advice you to at least try it. It claims to be able to import your lastpass though personally I didn't try as my lastpass was a bit of a mess.

I understand why it makes people uncomfortable to know that they're not getting all the information I could possibly convey in a comment.

I don't see how that would make it better for me to not comment at all.

Because an advice without argument is ignored (in many cases). If it were me I would have rephrased my comment to include a summary. That would be sufficient to understand why you said things and in addition would be perceived less cocky. Now it came over as I'm saying this and you are not worth my time explaining the arguments.

Apparently you have knowledge on the subject so a sentence or five would have helped everybody reading this thread. In fact, it is what I would expect from an HN comment. I usually read the comments before the article as on HN there is often more information than the actual article. Most often different sides of the coin are in enlightened in the comments bringing insight in the otherwise one-sided monologue in the article.

I understand why you don't want to go digging up information to link, especially if using a phone. In this case, I think sharing a little truth about LastPass may benefit our community.


If it's too much for a content, how about a link to a source that articulates your point? I'm sure many people would appreciate more complete information.

I suspect the reluctance to offer more than a brief recommendation isn't a lack of confidence in the argument, but rather a sensible level of restraint for someone who is in the security industry.

LastPass is the only commercial password manager I recommend. I really think you should avoid 1Password.

I'm not going to go into details, sorry.

You do much work in this field?

It doesn't matter whether he does or not. He's using your own argument against you. Stepping in here and saying, "don't worry guys I'm the expert, so don't ask any questions", is just pompous and doesn't actually convince anybody. Use logic to support your claims, not your resume.

No, sorry.

It's funny. When I was the GP comment I thought "well that's not a very useful comment". Now that I've paid attention to who the author is... I'm getting concerned about LastPass :)

Are you able to say why you aren't willing to go in to details? I respect your CV and am going to switch to 1Password from LastPass based on your comment, but I'm curious whether I need to be concerned about my information being compromised.

Well, shit, two conflicting comments. Which advice do I take? Quite the quandary.

Is your recommendation of 1Password contingent on any particular set up (like only using a "local vault" and not their cloud solution)?

Switched from pass to gopass recently : (https://github.com/justwatchcom/gopass). It's open source and has a tad bit more features over pass. Some of the reasons for my choice to switch:

- compatible with pass

- support for multiple stores

- store binary data (e.g. QR codes for seeding 2FA) : upcoming

- report / track issues on github.com/justwatchcom/gopass/issues

- more details here : https://www.justwatch.com/gopass/docs/

fun fact: 2FA QR codes contain the secret as just part of a url. you don't need to save the binary image, just figure out what the (usually base32-encoded) secret value is, and store that. google authentcator lets you type in the base32-encoded secret (useful if your phone's camera is broken). see e.g. https://garbagecollected.org/2014/09/14/how-google-authentic...

The original pass seems to handle binary data fine:

    $ pass insert -m mybinarysecret <secret.png
    $ pass show mybinarysecret >secret.png
Admittedly, it's not very user-friendly, but some simple wrapper scripts could fix that.

Does pass still stote metadata unencrypted (as file names) or did they fix that now?

My main reason to not use pass is that I can't allow multiple private keys to unlock the password store. I don't want to transfer my private key between all my machines.

You absolutely can do this.

In your .gpg-id file, simply list the keys you want to encrypt for on separate lines. Every file below that .gpg-id file in the directory hierarchy will be encrypted for any of those keys to unlock.

Also you can re-init any time you want, listing multiple keys. This will go through all your passwords and re-encrypt them for each of the keys listed. That's how I got my phone set up with access (with its own locally-generated private key).

If you want more granular key strategy, look at gopass [1], which is a pass-compatible binary that gives a little more granular control over key usage (IIRC), and is written in Go.

[1] https://github.com/justwatchcom/gopass

Why not transfer the private key? I encrypted it using a one-time pass and send it using email. I then decryped and installed to the other machine.

Since I don't have the one time pass anymore the encrypted file is not usable anymore and I have the same key to both machines.

Please explain any holes with that flow.

Pass also has Android and (AFAIK) iOS clients, and many other frontends.

I use KeePassXC [1], which is open-source, and I sync it across my iPhone, Windows laptop, and Linux desktop via Tresorit [2] (like Dropbox but end-to-end encrypted). It's secured with a password that I know, and a keyfile that I have. I don't sync the keyfile and always manually transfer to new computers.

I also use Arq [3] to automatically backup to S3 every hour, and I also do manual backup to my external backup drives once in a while.

  [1]: https://keepassxc.org
  [2]: https://tresorit.com
  [3]: https://www.arqbackup.com

I recently did a bunch of research into password managers, and went with Keepassxc as well. I'm using Syncthing to sync the password archive across Linux, Mac, Android, and Windows devices. The whole setup is working very well and is all open source.

Agreed on use of keepassxc - fantastic utility.

I don't, and wouldn't, use dropbox or any other non-free non-self-hosted system to manage the storage or synchronisation of my secure data, so it's unison(rsync) and/or ssh'd between desktop and laptop.

I store my password file on my phone, and use KDEConnect to access it on my desktop when needed.

If only there's a way to do that with my iPhone :(

There are file sync apps that work with iOS devices that work with self-hosted file sync solutions.

do you have a particular one you recommend?

I don't use one, but to give an example, Google for "nextcloud iphone".

Seafile has an iOS client.

I've used various KeePass variants for the past 10 years or so. For anyone on Windows, I still recommend the original at http://keepass.info/.

For everyone else KeePassXC is really nice.

I really like that there are so many "clones" and variants that can read/write the file format natively: https://en.wikipedia.org/wiki/KeePass#Unofficial_KeePass_rel...

Why not use dropbox? It is only used for sync databases, not access them, I always though if someone found my keypass database encrypted it would be useless.


Yeah, the KeePass database is encrypted and I secure it with both password and keyfile, but I still want something that won't leave my database "out there" available for bruteforce attempts or other attempts at it.

It's hardly "out there" though. A hacker would still need to hack dropbox before they could access your keepass db and begin brute forcing. What makes your own private server more secure than dropbox's network?

You're trusting them to not have issues like this: https://blogs.dropbox.com/dropbox/2011/06/yesterdays-authent...

I don't trust the servers (Dropbox or my), and thus I want it encrypted on my computer prior to sending it out on the Internet.

I suppose it couldn't hurt!

What is the cause for your paranoia about keeping your keyfile in your Dropbox? I have used and advocated this model for years with no ill effects.

My Dropbox is secured by MFA, with the Dropbox password itself being a random password within the KeePass keyfile. I store the whole Keepass program for Windows inside the same Dropbox account, feel free to indicate that as a security gap. On mobile I use the KeePass2Android app.

You meant the kdbx file right? not the separate keyfile you can use to secure the kdbx file with.

I think the feeling is the same as the feeling of just leaving your SSH private key "out there". Sure, it's protected with a passphrase, but I still don't want to do that.

Can you trust Dropbox would never have security issues? See https://blogs.dropbox.com/dropbox/2011/06/yesterdays-authent...

Didn't matter if you have MFA or use a secure password.

Some people will not be satisfied so long as the keyfile, KDBX, and password reside in the same version of our shared reality, as it's still mathematically possible to decode the numbers into something they personally value.

you can also encrypt the db file it self (before putting it on dropbox) with something like EncFS.

I used to do that when I used purely Linux. However, once you bring iPhone and Windows into the picture it doesn't work anymore.

This is my solution as well. I back it up to a sftp server to keep it synced across my devices.

I use the standard keepass 2 client on my windoes machines, and keepass2android on my phone. Clients only access the file via ssh to my server at home so it doesn't require storing the database on other machines.

Same, but using Keepassdroid + DropSync use it on, and sync it to, my Android phone.

Crashplan is my backup tool of choice and also backs up the Dropbox, just in case...

What do you use to read the DB files on your phone? I'm new to iPhone and looking for an app I trust right now.

I use MiniKeepass [1]. It's open-source [2] and I build it myself to load onto my phone.

  [1]: https://itunes.apple.com/us/app/minikeepass-secure-password-manager/id451661808?mt=8
  [2]: https://github.com/MiniKeePass/MiniKeePass

Awesome thanks!

This is my password manager.

    password = b64encode(hashlib.pbkdf2_hmac(
        (master_password + '/' + domain).encode(),
        100000 + n
    )).decode()[0:16] + 'Aa$1'
master_password = some master password that you never write or store anywhere

domain = domain name for the service in question, e.g. 'facebook.com'

n = the nth password being generated for the domain (typically 0)

The 'Aa$1' is to ensure satisfaction of stupid password rules on various websites.


- Open source. You don't have to use some random person's password manager software that you have no clue how or where the passwords are being stored or the trustability of the people who wrote the software.

- Portability. You can run this on any OS including a phone with a Python implementation, and it's pretty easy to port the above to any other language with a hash library.

- No files to lose. You don't need to worry about losing a password manager's database, you don't need to worry about syncing the database across machines, and you can compute the above on any machine that you own and trust. Kernel panics while you're on vacation? No worries! Reformat your PC with a fresh Ubuntu install and compute the above to get access to your bank account, plane tickets, and e-mail again.

I used to do something very similar to this, for around 5 years. It works fairly well, but I've moved away from it largely because: There are always exceptions that won't work (you can't have one scheme that both satisfies "you must have one special character" and "you cannot have any special characters"), and it also doesn't let you change your password for a site. I was able to come up with something that worked in 95% of the cases, it was the 5% that got me to stop using it.

That's what the incrementing variable is for. Of course, you have to then remember how many times you've changed your password for any given site.

That works until you visit the website for my insurance company...

"You must use one of these special characters: %^&*()"

How does incrementing a counter address some sites requiring special characters while others reject them?

The counter only addresses requirements to change password periodically. The special character requirement is addressed by tacking on 'Aa$1' to all passwords (they asked for it; it's what I tacked to all the (good) passwords I memorized even before I had this method).

All your passwords have special characters. Some places do not accept special characters in passwords.

This is what your scheme doesn't address.


- You have to keep track of n for every site.

- If the master password is compromised, you have to change each password manually.

- Not well-integrated with browsers.

- Far less convenience on a phone.

> - You have to keep track of n for every site.

I consider this far better than having to keep a password manager's database. n = 0 for the vast majority of sites without sensitive personal data. For the small handful that need to change, I usually sync them all to the same value of n about once or twice a year.

> - Not well-integrated with browsers.

I use Chrome's password-saving feature for websites that don't store sensitive personal data. For websites that I consider sensitive, I actually like that it isn't integrated with the browser.

> - Far less convenience on a phone.

This is true. If my laptop can act as a bluetooth keyboard to my phone it might make life easier.

At this point, couldn't you keep the list of domains/n's in a plain text file? You still don't have the master password.

Re:Bluetooth I use AirDroid for this. It works as a vnc client not as a Bluetooth keyboard.

I use https://pwdhash.com with _n_ suffixed to the master password.

- If last few recent n's don't work, I just reset the password to the most recent n.

- There are browser extensions

- There are apps, and my web UI (https://ph.leftium.com) works OK (and a bookmarklet adds more convenience)

The problem with this solution is that it is only as strong as your master password. Because you suggest to 'never write or store [it] anywhere' it can't be strong enough. To say it in Bruce Schneier's words: "Pretty much anything that can be remembered can be cracked."[1]

[1] https://boingboing.net/2014/02/25/choosing-a-secure-password...

I memorized 1024 digits of pi in high school. I can deal with a strong password.

Keep in mind that most password managers also encrypt your password database with your master password, so my solution isn't any worse than those.

Memorizing a even a 16-character (upper/lower + symbols) random string as your master password would be 16*6 = 96 bits of entropy which is more than enough.

Dealing with memorizing ONE good 16-character random string is within the abilities of most people. Dealing with multiple ones is what is hard.

I don't question your memory, that is not my point. How long do you think it takes to crack a password that consists of digits of Pi or anything derived from it? And it's not about Pi either, it's just that you can't beat a computer in that regard.

For me, playing around with hashcat, was an eye opening experience and I truly believe in the Schneier quote from above.

Create a 10 word diceware passphrase, using the EFF's list. Try to memorize it, it shouldn't take long. Hash it with whatever hash you like. Even MD5. Try to crack it with Haschat. Spend as much time and/or money as you like on the project. It's got over 128 bits of entropy, you won't succeed before the Sun becomes a red giant and incinerates the Earth.

I agree with Schneier's quote, but you're also forgetting about password hashing. If it takes 10 seconds to derive the key (assuming the use of a strong hash function), anything with a good enough amount of entropy (60-90 bits) should be fine.

When an attacker acquires a leaked database, they're not cracking high entropic passwords.

Yes, what speaks for dheera's method is the use of a strong KDF and especially (a point that I missed initially) that they use a truly random master password.

The standard password manager is slightly better because the password database works like a 2nd factor.

Also, a character has at most 8 bits of entropy, not 64. If you use base 64 its only 6 bits of entropy. 16 x 6 = 96 bits is still more than enough though.

A downside if everyone used this scheme would be parallelized attacks on reversing the hash for the key. If you find a key that, with this scheme, creates a password for your service, you found the corresponding secret key. This then compromises all of that users passwords.

Sorry early morning here, I actually fixed that before I saw your comment -- more like 6 bits per character. In any case more than good enough.

I actually am not a fan of 2nd-factor authentication (e.g. phone). If you lose the physical thing or it gets leaked to a stranger, gunman who mugs you, leaked by security holes in the thing's own embedded OS, it's no longer helping your security. I'd rather authentication depend on only what's in my mind and body and nothing external. Also, I lose stuff and forget stuff pretty easily, so I often just avoid carrying anything.

Which technique did you use? I made it to around 150 using the memory palace technique from the excellent book Moonwalking with Einstein.

I'm not sure what the various methods are called or what they are -- never really researched it. I just memorized about 10 digits every day over the course of a summer. Every day I practiced typing out the entire thing a few times as well as practiced the most-recent 100-block several more times.

That's very impressive!

And I thought my memorizing 100 digits was an achievement

"Pretty much anything that can be remembered can be cracked."

Randomly choose 6 words from a 10k English dictionary and you're set. Hell, make it 12 words. Still insanely easier to remember than a 12 character alphanumeric/symbol password, and much more difficult to crack.

I'm partial to using a very broad dictionary: http://app.aspell.net/create?max_size=35&spelling=US&max_var....

It has 50,105 words. Gets you an extra 2.3 bits per word.

Better yet, use the EFF's Diceware list. It's easy to pick randomly from the list (just roll some dice) and the resulting passphrase won't have some of the issues a dictonary chosen one would have, like compound words causing entropy reductions. (EG if fire, truck, and firetruck are included in the dictionary as 3 separate words and you happen to get fire and truck in sequence as part of your passphrase the entropy of those two words is equivalent to the entropy of a single word! Not good.)

> if fire, truck, and firetruck are included in the dictionary as 3 separate words and you happen to get fire and truck in sequence as part of your passphrase the entropy of those two words is equivalent to the entropy of a single word

Not exactly true if they are separate words. In a word-based password scheme, you are treating entire words, not characters, as units. The chance of fire, truck, and firetruck appearing in one password in that sequence, given a 10K word dictionary, is 1/(10K^3). The miniscule possibility of this speaks to the fact that there actually is a large entropy.

I realised after choosing random words that gets annoyingly long to type. In that regard, random characters are better.

What about [1]?

"green rubber yellowed out inside the 1st horizon"

I make random passwords like that (though usually 6+ words) all the time. I admit I can't remember all of them, but I can remember up to ten or twelve. Which is enough passwords to cover all the important services I use.

The big pain with that is that some services don't allow more than N characters for passwords (looking at you, 20-characters-limit-PayPal), some services don't allow spaces and whatnot, so you have to adapt.

Plus, you should enable 2FA wherever possible. You don't really need a super strong password once you have 2FA, so for those cases you can resort to OP solution of having "master_password + 'whatever' + domain" with master password being one of those ten you can actually remember and not even having to encrypt the whole thing.

[1] https://www.xkcd.com/936/

Maybe you have something that calculates what is strong enough? Is there some online calculator?

Online calculator for password strength, what a great idea!

I've got to offer one on my website (gimme all your passwords, mwahahaha!)

Yeah because that is what meant...

This is a long blog post that talks about some drawbacks of this approach: https://tonyarcieri.com/4-fatal-flaws-in-deterministic-passw...

Before reading this I was convinced that stateless deterministic approaches like these was the ideal. But some arguments in that post changed my mind.

> Deterministic password generators cannot accommodate varying password policies without keeping state

16 characters + 'Aa$1' has universally satisfied every website I have used to date except Baidu (which imposes a maximum of 16 characters total on passwords). The number of exceptions to this is probably miniscule.

> Deterministic password generators cannot handle revocation of exposed passwords without keeping state

That's what 'n' is for. Either you can keep 'n' as a state variable which is much easier to manage (and if you lose the file, you can try a few values of n and get yourself back into those websites without much hassle), OR sync the values of n every several months on the sites that use it.

> Deterministic password managers can’t store existing secrets

This is orthogonal to the password problem. I store sensitive files that aren't passwords in a GPG-encrypted tarball on Dropbox.

> Exposure of the master password alone exposes all of your site passwords

This is true of stateful password managers as well, if you backup your database on anywhere insecure or any device (e.g. laptop) that could potentially be mugged at gunpoint, confiscated by border control, leaked by buggy software, etc.

He's uses _n_ for state, so it's not really state-less (in fact, issues 1 and 2 don't apply).

You shouldn't use hash functions designed for integrity, they're fast, fast is bad for password hashing, a single AMD graphics card can compute 200M guesses per second for single sha-512 iterations, instead use bcrypt, scrypr or any other hash function specifically designed for key stretching.



Yep, I'm using pbkdf2-hmac-sha256 which is not just sha-256. The 2nd link you posted mentions pbkdf2.

By the way, for those wondering about convenience, this will wait 3 seconds (during which you switch to your web browser and click the password field) and then it will "type" the password. (You do NOT want to cut-and-paste your password from a terminal as the clipboard can be read by anything.)

    # requires: sudo apt-get install xautomation for 'xte'

    import time
    from subprocess import Popen, PIPE

    macro = ""

    for char in password:
      if char == '$':
        macro += "keydown Shift_L\nkey 4\nkeyup Shift_L\n"
      elif char == '+':
        macro += "keydown Shift_L\nkey equal\nkeyup Shift_L\n"
      elif char == '/':
        macro += "key slash\n"
      elif char.isupper():
        macro += "keydown Shift_L\nkey %s\nkeyup Shift_L\n" % char
      elif char.islower() or char.isdigit():
        macro += "key %s\n" % char

    print("Entering password in 3 seconds ... [^C to abort]")

    Popen(['xte'], stdin=PIPE).communicate(macro.encode())

I cleaned it up a bit and added the missing keys: https://github.com/wridgers/pwtools/blob/master/bin/pwtype

This is exactly what http://masterpasswordapp.com/ provides.

One of the biggest drawbacks of this approach is that you are stuck with your master-password. You can't change it without modifying those for all the websites.

I do something similar, but the solution instead of `Aa$1` is to use the output to produce a shorter password with those properties [1]. Makes it a little easier to type in.

I also keep a list of the "domains" along with plaintext comments for each of them (username, email I used, etc) that are not strictly required (so still portable) but just make it a little more useful when it's synced.

The big downside I've found is lack of apps. Sure it would run on any phone, but I haven't managed to get it to run on the phones conveniently. So if I'm without a laptop right now for the most part I'm locked out.

[1] https://github.com/passwordly/passwordly-python/blob/master/...

>The 'Aa$1' is to ensure satisfaction of stupid password rules on various websites.

"Your password is too long"

One problem I had when using a similar technique is how to change passwords. Some services require regular password changes, security breaches require it, etc.

So I needed some additional piece of information, namely how many times I've had to change passwords, so a new function argument.

Eventually I gave up and started using a password manager.

That's what 'n' is for in the code above. There are only a small handful of sensitive websites I use that require frequent password changes and I usually sync them all to the same incremented value of n every few months.

Gotcha. I think that the manual effort of that was what put me off managing passwords myself.

Disadvantage: If any website you use has it's password database leaked, an attacker can then do an offline brute force attack to recover your master password. Then, the attacker can then generate your password to every other site you use, such as banks and email, just by trying a couple values of n.

That's the point of using PBKDF-HMAC-SHA256. As long as your master password is strong it's not going to be brute forceable for the forseeable future.

My point is that this is dangerous. The security of this method is equal to the strength of you master password + the least secure website you use. If that website has a password breach, the only thing standing between an attacker and a compromise of every website you use is the strength of you master key. (And GPUs are pretty good at brute forcing PBKDF2 - so it has to be really strong.)

This is unlike a stateful password manager. There the security of the system is related to the strength of your password + the strength of the security of the place you store your password db. If you pick a place that is serious about security, your almost certainly better off. Critically, a compromise of some random forum you signed up for doesn't impact the security of your bank account in any way.

> The security of this method is equal to the strength of you master password + the least secure website you use.

Not exactly. It's equal to the strength of your master password only. Even if one of your passwords leaked, this function does not compute fast enough in the forseeable future to brute force your master password, as long as your master password is strong.

> And GPUs are pretty good at brute forcing PBKDF2 - so it has to be really strong.

Interesting, thanks for telling me this. But how much better? I mean, a GPU with 1024 CUDA cores surely cannot surpass 1024 CPUs. So all we need to do is bump up 100000 to a slightly higher number to make it GPU-proof if that's the case, no?

> There the security of the system is related to the strength of your password + the strength of the security of the place you store your password db. If you pick a place that is serious about security, your almost certainly better off.

The problem is that it's difficult to find some places that is serious, and that you trust to be serious. Most people will end up putting it on Dropbox or Google Drive because there isn't anything else that is accessible to them and easy to use on a phone. Also, what if you're on vacation, PC rendered in an unbootable state, and you need to reinstall your OS? This has happened to me at least 3 times.

> Interesting, thanks for telling me this. But how much better? I mean, a GPU with 1024 CUDA cores surely cannot surpass 1024 CPUs. So all we need to do is bump up 100000 to a slightly higher number to make it GPU-proof if that's the case, no?

The weakness of PBKDF2 is that it requires a small fixed amount of memory to run, making it ideal for brute forcing with a GPU. Algorithms like Scrypt / Argon2 are designed to counter this by requiring lots of memory to run. Best reference I could find or current best GPU brute forcing speed is https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a27... - which seems to say that the test system could do like 100-200k password guesses / sec with PBKDF2-Sha256 @ 100,000 iterations (extrapolating from the numbers given).

I think the idea is that the master password can be memorable enough by picking say 6 random diceware words and still strong enough to resist all (pre-quantum) brute-force attacks for a long time.

The arithmetic then looks like this:

(7776 ^ 6) = 221073919720733357899776, because there are 7776 words in the diceware list.

(7776 ^ 6)/(10^12) = 221073919720 seconds to try all such password if the imagined hardware accelerated hash cracker can do one trillion hashes per second. In years this is:

(7776 ^ 6)/(10^12)/(365 * 24 * 60 * 60) = 7010 years.

So on average, it will take about 35 centuries to brute force the password when using hardware that can try one trillion guesses per second.

Yeah, in an ideal world... In the real world I'm coerced to use some apps and websites with shit security, and have to store stuff like PINs &c which impose a certain structure on the secret, and if I'm not misunderstanding, this can't help with that sort of secrets.

Wouldn't combining the "master_password", "domain" and your username/email save you from worrying about the "n" variable?

You are using "n" to differentiate from multiple accounts on "domain", right?.. or am I misunderstanding?

No, I'm using 'n' to deal with websites that periodically require you to change password and enforce that you use a new password

I suppose I could also do it as master_password + '/' + domain + str(n) or something like that.

Ahh, ok then how about using the DateTime at runtime? That would then save you from having to keep "n" stored elsewhere for future uses.

Edit: nevermind, this would prevent you from retrieving the password - I had in mind a password generator, sorry.

By the way it's generally not a good idea to use dates in password generation or for random seeds. An attacker who has any information about the approximate time you generated the password (e.g. minutes before registering for a site) would be able to iterate over those several thousand seconds.

For consumer use cases, you should use sources of noise for this, such as microphone noise, mouse movements, fluctuating voltages, etc. If you wanted to be super-secure you would use a quantum random number generator, which is truly random, but unnecessary for the threat models of most consumer uses. Just use anything but date/time. The random number generators of most modern languages and operating systems already have such measures in place.


Free to use, auto password generation, has an iOS app with thumb print unlock (saves you from typing in a long master password).

I personally really enjoy it.

My company uses it and I really despise it.

Basically their web add-ons are extremely buggy. I was using Firefox and after many issues tried Chrome version, that one looks nicer but is similar POS and similarly had its own set of issues. Perhaps I would be happier if there was just a standalone app that I would only fire up when I need it.

I agree. The browser plugins used to be much cleaner and snappier when I first started using LastPass a few years ago, but it has progressively gotten worse to the point of making the whole thing nearly unusable. It feels like some 4th grader tried to reimplement drop-down menus using a crappy home-made JS framework.

I stayed with LastPass through the various security incidents they've suffered, but recent UI updates finally made me cancel my paid subscription and switch to 1Password -- a standalone app that integrates with the browser through a very lightweight plugin.

I don't understand the hate against Lastpass. Why would I trade it's awfully simple features (autofill on Android, automatically save/update passwords from website forms in browser, cheap etc.) for something like Keepass, even if the latter is purportedly a bit more secure? Some people also say that Lastpass's UI isn't great, but who cares about a password manager's UI as long as it does the job?

>purportedly a bit more secure?

The worst bugs in LastPass are:

1. Four months ago a bug was discovered by project zero[1] about how all of your passwords can be stolen just by making a user visit a webpage. Moreover, any code can be executed remotely, compromising your entire computer. Discussion[2]

2. Later on the day vulnerability (1) was published, another was found. Project zero bug report. [3]

3. Last year a software engineer who wasn't a security researcher found a bug[4], which again, gives all your passwords.

4. The bug in (3) wasn't fixed properly, which lead to this [5]

Other bugs, but not as terrible as the ones I listed above

Jul 27 2016 [6]

Mar 25 2017 [7]

Jun 17, 2015 [8]

Nov 17, 2015 [9]

You are also forgetting a whole another class of attacks - Phishing [10]

[1]: https://bugs.chromium.org/p/project-zero/issues/detail?id=12...

[2]: https://news.ycombinator.com/item?id=13924737

[3]: https://bugs.chromium.org/p/project-zero/issues/detail?id=12...

[4]: https://labs.detectify.com/2016/07/27/how-i-made-lastpass-gi...

[5]: https://bugs.chromium.org/p/project-zero/issues/detail?id=11...

[6]: https://bugs.chromium.org/p/project-zero/issues/detail?id=88...

[7]: https://bugs.chromium.org/p/project-zero/issues/detail?id=12...

[8]: http://www.businessinsider.com/security-expert-describes-las...

[9]: http://www.martinvigo.com/even-the-lastpass-will-be-stolen-d...

[10]: https://www.seancassidy.me/lostpass.html

Oh my. Thanks for taking the time to list these down. Will work right away to get off Lastpass. No, seriously!

What ever password manager you move to, chose something that will stay far away from your browser. And don't use anything that autofills your passwords. This includes KeePassHTTP.

I use it but as others have mentioned it seems the browser extensions are getting slower and buggier

>I don't want a subscription service, I want something that keeps an encrypted file that I can put in dropbox.

Android version also the first thing I set up on a fresh phone. Fingerprint unlock, can input passwords directly into most apps (it matches sites to apps automatically) as well as Chrome.

Keep in mind that enabling the LastPass Accessibility service in Android disables device protection features (like storage encryption).

1Password. Don't know what they're about on Windows, as I'm happy to not use this shit anymore. On Mac and iPhone, I can happily use the newest version without any subscription or anything (which I didn't even knew about)..

Yeah. I actually used to use Dashlane, which has some really crazy cool features like auto-password-changer or something like that.

I switched to 1Password because the quality of support for Dashlane just kept getting lower and lower, and 1Password started getting some really nice features.

Some day I might switch over to `pass` as it's free.

It works perfectly with Wine as well.

The OP stated "I'm a bit unhappy with 1Password".

OP also asked what people are using. They're not mutually exclusive statements.

I use 1Password and I don't pay a subscription. I pay them outright, per platform, and call it a day until they give me a reason to do something else. I've also set up other recently in similar patterns. If OP's only issue is the subscription, they may now be aware that there are non-subscription options.

Also, they're the only ones with relatively wide-spread support in Apps (on iOS). In many apps, I can just tap 1P like I do in the browser to log in. And they have a decent user interface.

Subscription to 1Password is not mandatory. Or at least it was not in the past. Without a subscription, you can create local vaults which can be synced via Dropbox, iCloud or over WiFi within the same subnet (which means over VPN too).

Here is some documentation on the Dropbox sync for example: https://support.1password.com/sync-with-dropbox/

The subscription isn't really mandatory, but I've been quite disappointed at the transparency with which they've been pushing people towards that...even those of us that purchased the full version somewhat recently. For instance, the complete lack of a Windows version that isn't subscription based is a huge pain since I got a cheap Kodi box recently and my keyboard is a remote control that sucks for typing passwords.

I get that they want to transition people to that revenue model for their own benefit, but they haven't made a convincing argument that it's in our interests and they've definitely made those of us "offline" customers feel like second-class citizens. Normally, I'm all for subscription services, but password management is one area that I want complete control over and if they keep pushing me towards a model that requires their online presence, I'll end up switching.

https://1password.com/downloads/ still links to the 1Password v4 version for Windows, which supports local vaults.

And shameless plug for my own cross-platform powershell-based 1Password client, which can read both formats of local vaults: https://github.com/latkin/1poshword

I tried the v4, but it wouldn't accept my v6 license key :(

My workaround was to write a small utility that I run on both my Mac and Windows boxes that sits in the background and keeps the two clipboards synchronized. So I just copy from Mac 1p and paste in Windows. Not ideal, since it makes the browser extension useless, but it works well enough for the few times that I need to enter passwords on that box. But on the plus side, I can also use it for entering commands in cmd.exe and Powershell too.

I currently have 1password and 1password 6 installed. At some point I followed an "upgrade" suggestion, found out I don't get the upgrade for free and I had put new passwords into what is now an expired version.

Nothing about that made me happy.

I can't find how to purchase the single license for Windows. I found the download for Windows v4 and the single license purchase for Mac here: https://agilebits.com/store but not the Windows license.

1Password 6 for Windows is subscription only. You’d need 1Password 4 to work with local/Dropbox vaults.

Funny enough, 1P6 worked fine with my local/Dropbox vault during beta, then the app stopped letting me update my vault when it left beta. :\

PasswordSafe - https://pwsafe.org

I use the open source version on Linux and Windows, and https://pwsafe.info on Mac and iOS, all syncing through Dropbox.

Was expecting more mentions of this wonderful utility. It seems to work well in conjunction with a sync service (use Gdrive personally).

I memorize my passwords and reuse them to a large extent. Strength of the password is actually a lot less important than the website's security and the value of the account.

* relatively weak/old passwords for sites I don't care about and would lose nothing if they were compromised (vast majority)

* a couple relatively strong passwords for the 5-6 sites I don't want compromised, but wouldn't have huge consequences and could be email recoverable.

* unique strong passwords for a couple vital services such as email account.

The re-use depends somewhat on how much I trust the site's security. Also I cycle occasionally by introducing new passwords at the "top" and moving those passwords "down" to less important sites.

I used to do exactly the same and even the moving passwords to less important sites. Now I use iCloud generated pwds for all but vital services.

1) Make up a unique password on the spot. 2) Log in and forget it. 3) Reset password.

Works every time.

Not when resetting your password requires physically going to the bank to sign a document and get it mailed to you after a week...

But yeah, it works in most cases.

seems like a reason to switch banks.

Don't all banks do this? Here in the UK it basically seems mandatory. Try to change your password/phone/email, they'll send you an actual letter which has a passcode you need to enter in to the website. Although mine took only a day to arrive.

No, (I'm also in the UK) I've changed a few recently-ish and in each case had only to answer some security questions and then receive a phone call/text message with a code to enter.

Except if you need to login to multiple devices (password resets usually log you out of all the places you're logged in)

Haven't ever thought of this, sounds genious. Only a lot of work on some occasions, then they require for resetting..

1Password & gopass (https://www.justwatch.com/gopass/, it's "pass" compatible if you are using that already). I don't really mind the subscription service as it works fine across all platforms I use.

Do you sync 1password and gopass? or one for home and other for work?

I love 1Password but the lack of linux support is irritating. (I know about the web client)

1Password for all my private stuff and I also have a vault for work credentials (websites, external services, third party APIs etc where autofill in the browser comes in handy)

I use gopass for everything that's company internal.

+1 for gopass

I'm confused — what's the difference of `pass` and `gopass`?

They are compatible but gopass supports multiple password stores and some other nice features listed on the website:


> I want something that keeps an encrypted file that I can put in dropbox

FWIW You can do this with 1Password. Preferences > Sync > Sync with Dropbox

This, IIRC, requires an older version of 1Password. Version 4, from the "Who moved my cheese" discussion of 1Password's most recent subscription changes.

I can confirm this option still exists in 1Password 6 (I'm using the iCloud sync but I see the option for dropbox as well). I'm not sure how to get the license though. I only see the upgrade path that I took - not the outright purchase.


You can still purchase a Mac license there. I don't see a Windows option, but I'm viewing this from a Mac, so not sure if they're just hiding it. (Some people in this thread have said that there's no longer a non-subscription version for Windows.)

MacOS 1P can still do it for current version and next version, as per their blog post. iOS 1P still does too.

Not on 1Password 6 on Windows. Subscription only.

I used KeePass on Windows, and I use KeeWeb on Mac. KeeWeb is fast to search, allows for the inclusion of arbitrary data and tags, has a password generator, and it does autotype, which is nice. Also, it's open source.

http://keepass.info/ https://keeweb.info/

Enpass all the way. Free and works with dropbox

I'm a huge fan of Enpass, simple and does exactly what it says on the tin. I've convinced friends and coworkers to switch over to it and they're all very happy with it from what I've heard. What I don't like, and one of the reasons I'm looking at moving away from it, is that the code isn't open source. It also conveniently enables the sending of analytics/data usage by default and hides the option to turn it off at the very bottom of the Preferences / Advanced tab. The only reason I even noticed this was from Little Snitch popping up to tell me. Maybe not a massive problem, but I'd rather a password manager didn't phone home every time I open the damn thing up.

I started using Enpass a few months ago and am mostly happy with it, but I'm not sure it'll work for me long term.

A few of the issues:

- It crashes periodically on Linux. Though it has never wedged the database.

- On ChromeOS, it is "supported" via the Android app, which does not integrate with the Browser plugin from what I can tell. I was really hoping for something that would work there.

- You can't have multiple password databases at all, from what I can tell. I'd really like something that could manage my personal passwords, work passwords that I share with 2 other people at work, and family passwords that are shared with my fiance'.

For the last decade I used a gpg encrypted file on my laptop, combined with passwords saved in the browser on my encrypted file-system. That worked fairly well, until I was in Mexico and my laptop decided to take a vacation too. I couldn't access ANY of my passwords until I got home and could get to my desktop or move my drive to another machine.

Enpass has some benefits:

- The syncing using Google Drive works well.

- Fingerprint unlocking of the vault on my phone works well.

- I've always had a pain point with apps on my phone that update and then need the password again (front door smart lock, car, bank), and I can't access them anymore until I get to my laptop and type in the 30 character random password.

- You can add fields to the records, the default "login" record has "security question" and answer, but for sites that have 3 security questions I can add them as custom fields. (My mothers maiden name? It's "mCxK7JszjJ5Mq29")

- It is available on Linux and Android and kinda on ChromeOS.

I do feel like a web-based one would work better with ChromeOS, but I'm still experimenting with whether ChromeOS can replace my laptop. I'm typing this on my laptop, so...

I use this. My only gripe is that I need to unlock each day for the browser integration to work, and I need to open the app to (not have a service in the background).

I'm a happy Enpass user too. The best thing I like about Enpass is it's built on Open Standard, you can decrypt the database file easily if Enpass dies

I tried it and was mostly happy with it. But has it gone through anywhere near the third-party scrunity that 1p has?

I would be much more eager to use Enpass if they made the code available to people who pay.

They use SQLCipher which is OSS. I understand they don't release the UI code as it is what they use to make money. If you are afraid that they secretly copy your passwords you can easily check this. As you keep the file on your device or place it at a third party service it is more secure than a service like LastPass. Also don't use browser plugins but copy and paste the password

I use iCloud Keychain on macOS and iOS. Both operating systems include a rudimentary interface for managing passwords, and automatically store passwords entered in Safari. Keychain Access on macOS also allows to create secure notes on iCloud Keychain.

iCloud Keychain works great for me. Although, if I could change one thing, it would be to add a dedicated iOS app, instead of having to go to Settings > Safari > Passwords.

Its somewhat easier in iOS 11, there's a more dedicated area in settings. Also, in iOS 11, it provides usernames and passwords within apps, which is super convenient.

What do you mean by a "more dedicated area"? I don't have a spare device to test the beta on.

On iOS11 beta, To get passwords you will go to Settings > Accounts & Passwords > App & Website Passwords [0]

[0] https://www.youtube.com/watch?v=Yy1JEyxRzIc&t=23m42s (@ 23 minutes and 42 seconds)

I agree. The iOS password manager is hidden away and I wish there was an easy way to access it.

All of my passwords are kitt3nZ!PIzZA837591&#! Which I simply copy and paste out of an iCloud Note.

I use HashiCorps vault running on a micro EC2 with a small API written around it. Then I access it using a CLI I built and a key pair.


- I don't pay for a service (the ec2 instance was already running)

- I don't use someone else's software that is hopefully secure

- I got to play with Vault for an afternoon


- I've probably done something wrong and I'll end up paying for it the hard way eventually

- I had to spend about an hour building something

Enpass, all the way. Free (Gratis) on Mac, Windows & Linux, US$10 for iPhone or Android.

100% local storage, or sync the encrypted file via Dropbox.

My favourite, and I'm happy to support financially.

I just use lines of poetry for my passwords. They're long enough, complex enough, but extremely easy for humans to memorize.

The entropy in that is actually quite low, especially if you have even just a slight bias towards popular poems. Given this info I think it'd be quite easy for a dedicated person to reverse a password hash of yours.

Phrases from published works aren't strong passwords no matter how long they are.

Here's a nice example from a few years ago - https://www.reddit.com/r/Bitcoin/comments/1ptuf3/brain_walle... where "a line from an obscure poem in Afrikaans" was considered secure.

Granted, your password hash isn't going to get as much effort as BTC brainwallet cracking, but phrases/lines from common poems are going to be in bruteforcer lists.

Also, for any targeted attacks, everything from every poet or band you've ever liked on facebook or mentioned in any online resource are going to be used against you, so you better use poetry from authors that you don't like or ensure that you have never talked about which authors you like (easier said than done). Checking every line from e.g. Shakespeare is easy.

I reckon on having >100 passwords. Whilst I might manage to remember the phrase I couldn't match them up to the context -- "she wishes for the cloths of heaven" is that Amazon or Etsy??

I have a manually maintained database with a bash one-liner for password generation; primarily I rely on my browser's password manager.

It was strong until you told us.

If it were me I'd add a bit of salt (some random string) to those...

This is what I do. Music lyrics with characters mixed in. I have the alternates memorized so it's fairly easy to remember. Ex: 5, S, and $ are all interchangeable.

I'm using KeepassX with Dropbox. I store the database on Dropbox, so that it's available on my computers running different OSes (Ubuntu, Slackware, MacOS) and my phone at all times. I'll probably get rid of Dropbox at some point, but I'll keep the same method, which gives me complete satisfaction.

Oh I gotta show off my Keepass (http://keepass.info) with Ubuntu on Win10 setup which I just sorted out this week. The Keepass DB is saved on Dropbox.

I use it for all my passwords but crucially also as a SSH Agent for Bash, Git, Pycharm and WinSCP. My SSH keys are in Keepass and it gets used by Git, Pycharm and WinSCP. So all I need to do is unlock the database and it just works when using SSH in Bash or Pycharm or WinSCP or Git.

Anyway, the setup was a bit tricky to find out but it works very well (for me) now. I have documented it here because it might be useful to others: https://gist.github.com/duebbert/6a152ad2030e8dcb6d860802758...

Google passwords. I trust their engineering, it's free, passwords are accessible as long as I have a browser and it comes with Chrome.

Negatives: I can't do backups, easily migrate to another supplier and it won't work automatically with other browsers. And it's Google (feels privacy invasive)

This isn't a really great solution, in my opinion. Anyone with access to your google account, or anyone with physical access to any of your synced devices could lift your passwords easily.

Wouldn't anyone with access to my two factor authenticated Google/gmail account be able to reset most of my passwords anyway? The biggest risk is perhaps a rogue Chrome extensions scraping the password page when I visit it.

I think they ask your google password once again, when you try to access that functionality, even if you already logged in.

If you are logged into chrome, with all google passwords synced, you could use NirSoft Chrome Password Export Utility to get a CSV/TXT file of all data; i.e. URL Username Password. Then import it into your other favourite password manager; backup it any secure way you wish.

If the problem is storing data in the cloud, you can still store data locally (outside the 1Password cloud) with the subscription version. Go to "Preferences" -> "Advanced" -> "Allow creation of vaults outside of 1Password accounts".

My best solution is to not discuss password management on public forums...

I use a system where I mix a counter, a master password and website URL.

I don't hash it via a software algorithm, it is a system simple enough to do in my head.

I basically only have to keep track of the counter for the few websites that have forced me to change password.

The counter exist both as a number and spelled out, ensuring that changes in password differs enough for websites that require new passwords to not be similar to old passwords.

It is as secure as any 8-10 character password, except if a person is targeting me, and manages to get 2 or more passwords, there is a chance that they'll notice the system.

But if I am targeted by someone who can crack multiple of my online passwords, then I have pretty much given up hope for my safety.

I used pwclip [1] for several years but I no longer believe that hash-based password managers are the best plan. Now I'm using Seal [2], which is like pass but doesn't depend on gpg.

[1] https://github.com/davidlazar/pwclip

[2] https://github.com/davidlazar/seal

I use passpack to generate/store passwords, remember them in Firefox, and let Firefox Sync get them onto my different devices. Works pretty well!

My host of devices includes multiple laptops (Linux, OS X) and many different phones - both Android and iOS. Since Firefox runs everywhere, this works nicely. Firefox Sync has end-to-end encryption, but data stored at-rest on devices is guarded purely by physical access, which is fine for my use cases.

Of the open source password wallet solutions, which ones have actually been audited?

I currently use 1Password (local) on iOS and OSX, and use 2FA wherever possible as well.

I'm unhappy with support for windows/linux/chromeos, so I was already looking for alternatives.

I manage certain passwords (PGP keys, some very high privilege accounts, etc.) separately (primarily offline, and some split).

Considering building/paying to have built something that truly meets my needs, since my needs are fairly general.

I use Keepass 2. With a plugin, it's synced to Dropbox, where I can access it on my Android device with one of the compatible apps.

I use 1Password and have used it for 5+ year a now and love it. I used to pay one time fees. They were doing a sale for their pricey subscription service when my business partner got interested in using a password manager. So he bought an annual subscription for the both of us at a sale price. I think it ends up being $60 a year for the both of us.

Being able to use different shared password vaults has helped us a lot. As our business entails going through lots of quick sites before moving on to new ones, along with working with different partners.

Sure it still isn't "cheap", but I get a good app and browser plugins on all major platforms.

I highly prefer 1PW to Lastpass because it is much easier to get a lot of different form fields saved into 1PW along with easily adding any number of your own. Lastpass plugins also aren't the greatest.

I'd move to KeePass if I hadn't to stop using 1PW. But I doubt I'll switch while doing business. Shared repos integrated tightly into the UX is too helpful.

Interestingly enough, I immediately moved from LastPass to 1password when I heard about the subscription service. Why? Because I trust AgileBits but last time I wanted to run 1password I was going to need to pay a shit ton of money just to get it on Most of my platforms. Now, overall I'll pay more money, but I don't have to worry about how many platforms I use or upgrading periodically.

Plus, syncing is done right automatically. Sure, AgileBits could go out of business and I'd not be able to use 1password anymore. That's fine. It took one day to switch from LastPass. The lock-in is minimal. I'd rather not continue using a piece of security software without updates being released.

(Even if they did, I have a gut feeling they are classy enough to open source the server, though. It looks like the app already is built with the possibility of connecting to 3rd party sync servers.)

And it looks like a real solution is in the works for Linux finally, so there's that.

I have been managing passwords for more than 12 years with an encrypted vi file. Inside the file, every login uses a unique password. I generate unique passwords in batches of 100 or so using a script that I list below.

This scheme has the obvious single point of entry weakness and a further keystroke logger vulnerability. I have never had any of the 360+ accounts and logins compromised.

It is very important to not use the browser for secure activity if one has been browsing Internet junk recently. I have no doubt that all kinds of keystroke logging scripts do get started. I occasionally run rkhunter and top looking for intrusions and compromises.

Script for making big batches of passwords:

      File of passwords. First 99 are lettes usable for names, next 100 is pasword strings. 1-6-2008

      Here is the command line:

      (/usr/bin/apg -a 1 -n 99 -m 11 -x 13 -M CL; /usr/bin/apg -a 1 -n 100 -m 17 -x 23 -M NCL ) | cat -n

> I want something that keeps an encrypted file that I can put in dropbox.


I have one simple master password. I modify it slightly based on the url of each website. I have a text file backed up on Dropbox with any special rules for the password on each website (e.g. "turbotax: capitalized + bang").

Works great as long as you can resist the urge to tell other people about your system!

I wrote about my (mac-specific) pass setup at https://brianschiller.com/blog/2016/08/31/gnu-pass-alfred

It uses Alfred to get fast, autocompleted access to passwords.

I wrote https://github.com/mozilla/sops to manage secrets in our deployments, and also use it as my personal password store, to encrypt a file stored in a private git repo.

That is so cool! Just what I (and so many others) are looking for. Can it handle typesafe's config too? https://github.com/typesafehub/config/

I rolled my own solution a couple years ago: https://gridpass.io/

Your master password is remembered visually, instead of as an arbitrary string. My contention is that you're less likely to forget specific spots on distinct images than an arbitrary sequence of characters. The method has worked perfectly for me since I began using it, but only one other person I know uses it, and it has NOT been audited or scrutinized by an expert in the field. Nonetheless, check it out. It's free, being more of an idea than a technology. Besides, I can't charge you for something you've stored in your own visual cortex!

I like this idea. Giving it a go, I found generating the passwords time consuming - as in sometimes I would be okay to get a simple 2 image throwaway password without having to go throuugh all 6 images. However I suspect that my impatience was just curiosity in wanting to find out how it worked, and what I would see whan I finished :-)

I also didn't feel much attachment to the image - which could be addressed and has got me more interested about. Memory palaces. Genius loci - ancient way of remembering things using space, places. This works in a similar way, images exist on 2D space - the genius loci work best when the mental image is something you know well, that you remember well.

Thanks for sparking some ideas in my head!

I use https://pwdhash.com algorithmic password generator. It is the sweet spot of more security without too much added frustration.

Usually I use the Chrome extension, but when that fails I built a more user friendly web interface: https://ph.leftium.com

To avoid having to change all my passwords at once when one password must be changed, I suffix my master password with a sequential suffix. In the worst case, the last few suffixes don't work and I use the service's password reset feature to update the password to the latest suffix.

Note that the algorithm used by pwdhash is very weak. It uses just one round of 1 round of HMAC-MD5. Not even a slow hash function.

See https://github.com/dannysu/hash0 for comparison of other similar sites that all have the same flaw and the reason I coded hash0 (no longer maintained though).

I've considered making a version of PwdHash that uses a stronger hash function (and I think my brother did make one)...

But to be honest, if a hacker specifically targets you, you will probably be compromised, no matter how strong a hash function you use. (They will probably just use one of the many other attack vectors.)

And there's that joke about two guys running from a bear. "I don't have to outrun the bear; I just have to outrun you"

PwdHash lets me have unique, non-trivial passwords for every site with minimal fuss. There will be probably lots of lower hanging fruit before hackers start targeting PwdHash-generated passwords.

I use Firefox sync for my web needs and a plain text file (on my encrypted laptop) for everything else that doesn't fit into that. The more sensitive stuff (credit card, computer unlock) is in my brain with a hidden paper backup.

MacOS version still able to buy standalone license here without signing up for an account:


I use MacPass (KeePass OS X client) and sync the DB with a (2FA enabled) Box Sync account.

I use the Chrome ChromIPass plugin for user/passwords autofill. There is also a FF plugin, but I usually stick with Chrome these days.

I tried to switch to Lastpass but I found that a) the plugin was a terrible resource hog and b) would make some sites unusable due to ridiculous page load times. Obviously it works for some people, but the attack vector of sites like LastPass are so large, I was never comfortable following the masses.

1Password synced w/ Dropbox. Using Windows, MacOS + Android support. Very unhappy about the recent push toward subscription-based model, though, so I'm starting to look around for something new. Lots of good options in this thread.

For those in need of a cross-platform (Windows, Mac, Linux), open source 1Password CLI client, check out https://github.com/latkin/1poshword (disclaimer: my project)

I have used for year a KISS (Keep it simple) solution: I have a directory encrypted with encfs where I keep all sensitive data. The directory is shared through dropox by all my devices. In this directory I keep a plain text file with all passwords, domain, used email.... It is actually a YAML file cause I also have a simple groovy scripts that pastes the password (given domain or key) in my clipboard, but any text file would do the job. As simple as that.

Enpass is what you are looking for!

I too use enpass. Syncs your password vault to OneDrive, Dropbox. (It's just an encrypted file)

I use an encrypted disk image (in this case a macOS .dmg, but it could be any similar format) filled with text files that I edit in vim.

I don't use random passwords, I use (mostly) memorable ones. I mount the disk image only when I forget one. It's an aid to help me memorise passwords and keep track of important information (reference numbers etc), not a single point of failure without which I can't get into anything.

Secrets is a good alternative (Mac + iOS only): https://outercorner.com/secrets-mac/

Details on how Secrets store data: https://outercorner.com/2016/08/01/storage_format.html

I use keeweb as a desktop app, and I save the file locally, backing up to gdrive and cold storage hard drive weekly.

My laptop is my primary device so I'm not too concerned with logging into accounts on mobile, but if I really needed to get my passwords without my laptop, I could get use the keeweb web app with my gdrive backup.


I use firefox bookmarks synced using Xmarks.

Each account has a unique email address, and important accounts have a unique password element added.

I use firefox bookmarks to note down in a cryptic manner any variations to the common themes I use. The bookmarks are synced across computers.

The upshot is I always use firefox bookmarks to log in to a site, which means I am not clicking links from emails and I am always in an extension free browser.

I memorize multiple passwords.

I use a Mooltipass Mini https://www.themooltipass.com

I switched from LastPass to KeePassXC a few months ago after reading about some LastPass security problems. I really like KeePassXC.

As I am currently a LastPass user, could you fill me in on the security problems?

Sure, take a look on Google's Project Zero and search for "LastPass":


Or search the news for LastPass security issues:


thanks, but all I see is 5 issues, all of which fixed (and rather quickly).

Yep, it's good that LastPass seems to respond quickly to reported vulnerabilities. Who knows how long those issues existed before getting discovered, though. And some of them were quite serious.

A while back I was looking for an online password manager that you can host yourself (I don't trust my passwords with anyone else).

I couldn't find one that matched my requirements so I build one myself:


I use Universal Password Manager (UPM). It runs everywhere, syncs to dropbox (or wherever), pretty fast start time even though it's java. Github link: https://github.com/adrian/upm-swing


You can have this on MacOS, Windows, your smartphone.

Great when you only have your phone with you and you need to login somewhere to do stuff.

I still use a GPG encrypted org-mode file. Emacs/org-mode opens it seamlessly.

I feel like I should move to Keepass at some point, but it's one of those cases where if I'm apathetic long enough, Keepass will be gone and I'll still have my Emacs setup.

I use pass nowadays but used to use org for passwords, but in my setup I used to only encrypt the contents of entries, i.e. headings were in plain text. Then I used the function below to decrypt them. Made it easier to browse the file.

  (cl-defun gk-org-decrypt-element ()
    "Decrypt the element under point, show in a new buffer."
      (let ((transient-mark-mode t))
         (region-beginning) (region-end)
         (lambda ()
           (let ((decrypted-elem (org-get-heading t t))
                 (bufnam (buffer-name)))
                 (switch-to-buffer (get-buffer-create "*Org Secret*"))
               (read-only-mode -1)
               (insert ">>> " decrypted-elem " (" bufnam ")")
               (insert ">>> Hit `Q' in order to *kill* this buffer.")
               (newline 2)
               (local-set-key [?Q] 'kill-this-buffer))))))))

Password Safe[1] (almost entirely on Windows clients) and version control on home server via ssh. And most of my passwords are memorized by my Google account.

[1] https://pwsafe.org/

I use this ruby script:

    print ((rand * 1_000_000_000).to_i.to_s + \
           ("a".."z").to_a.sample(10).join + \
           ("A".."Z").to_a.sample(10).join + "_")
It solves a number of annoyances. First, it's easy to type on mobile if you need to for some dumb website that clears your input field when you alt-tab, since it sticks to numbers, letters, then capitalised letters. It contains a non-alpha numeric character, but at the end for stupid forms that don't allow them.

As for keeping the passwords around, you can do one of a couple things, but I generally just forget the password after logging in with it everywhere. I'm signed into chrome, so what's the point in remember the password myself? Unless it's something sensitive I don't bother. It's easier to generate a new one than to dig it up.

I have made plugin for original keepass to import from 1Password 1pif https://github.com/diimdeep/1P2KeePass

> I'm a bit unhappy with 1Password. I don't want a subscription service, I want something that keeps an encrypted file that I can put in dropbox.

> What is everyone else using these days?

I use a self made password matrix in paper.

How does that work?

Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact