
I use KeePass to store my passwords plus other sensitive data. It's multiplatform and I can have access to my passwords file on macOS using MacPass, on Linux and Windows using KeePassX, and on Android using KeePass2Android.

I use Dropbox to sync the file across multiple computers including my Android phone. I don't fully trust Dropbox for sensitive stuff, but since the passwords file is encrypted by KeePass, I consider that if Dropbox ever gets compromised, they won't be able to access the contents of the file right away without a lot of work.

The passwords file uses a long password, one of the few passwords I still have to remember, plus I use a keyfile for encrypting the file. That file is not allowed to be uploaded to the cloud. I have a copy of the keyfile on my laptop, another one on my Android phone, and another one on a VeraCrypt partition on my thumb drive.

It is not a perfect setup, because I still have a few issues that I haven't considered, such as how I should proceed if my phone or laptop bag ever gets lost or stolen; but it's convenient for me at this moment.

This is exactly what I've done for years. The only difference is that I'm so paranoid about losing my keyfile (and with it all my passwords) that I also put it on the cloud -- just not on the same cloud provider as the KeePass database.

Copy it to a thumb drive and put it in a bank deposit box as a backup. You can then do away with having your key in the cloud.
