this post was submitted on 08 Sep 2023
6 points (87.5% liked)

Sysadmin

5587 readers
1 users here now

A community dedicated to the profession of IT Systems Administration

founded 5 years ago
MODERATORS
DarraignTheSane@lemmy.ml
gregf@lemmy.ml
Avian_Carrier@lemmy.ml
MentallyExhausted@reddthat.com
DarraignTheSane@lemmy.world
6
recommendations for personal and family password management? (lemmy.ca)
submitted 1 year ago by Pxtl@lemmy.ca to c/sysadmin@lemmy.ml
11 comments fedilink hide all child comments
 

Not sure if this is the right place to ask, but recommendations for personal and family password management?

I finally switched to Firefox on my phone, because Chrome "privacy". And then when trying to find out how enable password storage, I accidentally set up Microsoft Authenticator as password management phone-wide. Realizing this meant cross-app password management, I finally accepted that my old approach of politely ignoring the problem and manually memorizing algorithmic passwords is no longer tenable. I honestly would prefer the anti-privacy approach where every service just uses oAuth and only one provider has my password, but we're not there today, so time to learn the new tech.

So basically, what's the current OSS best-practice for a one-stop-shop password management software? I know "OSS" and "big safe cloud storage provider" are kind of oxymoronic, but imho encrypted-cloud-storage is the best tradeoff between security and convenience.

And, ideally, something I could get my kids onto as well and manage some shared family-PWs as well, since I assume their password management strategies are either "reset every time" or "just use the same PW everywhere and it's a ticking time-bomb".

top 11 comments
sorted by: hot top controversial new old
[–] BuckShot686@beehaw.org 5 points 1 year ago* (last edited 1 year ago) (1 children)

I've used Bitwarden for ages and it fits your needs very well. Sharing the login info will allow the rest of your family to access the passwords and TOTPs too. Bitwarden does charge for TOTP use, but Aegis is amazing to use along with Bitwarden. You could setup Aegis on your device and then, if you wanted someone else to have access, you'd just export the data so they could import it into their Aegis app.

[–] TheOneCurly@lemmy.theonecurly.page 2 points 1 year ago (1 children)

Self hosting vaultwarden enables TOTP and other organizational features that standard bitwarden charges for.

[–] BuckShot686@beehaw.org 1 points 1 year ago (1 children)

Good to know, I didn't talk about self hosting as it seemed like OP was aiming for it to be through a cloud provider. Its rad Bitwarden has both options and security is top notch either way!

[–] Pxtl@lemmy.ca 0 points 1 year ago* (last edited 1 year ago) (1 children)

I mean I'm okay to self-host something if there's a secure and safe and automatically backed-up solution. But realistically that's just "3rd-party paid cloud" like DigitalOcean. I could run a service on the pi I use for files and minecraft, but I'd still have to figure out making sure the service is secure and backed-up.

edit: I guess hoping that vaultwarden-server was a nice easy package already sitting in the Debian apt repos was too much to hope for right?

edit2: wow lemmy really poops the bed at deleted replies with replies doesn't it?

[–] BuckShot686@beehaw.org 1 points 1 year ago* (last edited 1 year ago) (1 children)

Sorry OP, I was trying to do a few things at once. But found this which should be helpful https://vaultwarden.discourse.group/t/installation-for-a-noob/1609

One of the comments provides a step by step guide for setup. If this sounds reasonable, then you could do it all here and you'd have no need for Aegis!

[–] Pxtl@lemmy.ca 0 points 1 year ago (1 children)

I'm OP.

[–] BuckShot686@beehaw.org 2 points 1 year ago

Yep, you sure are lol, I edit the previous comment and added a Debian install guide for Vaultwarden. My apologies for the mix up.

[–] JakenVeina@lemm.ee 4 points 1 year ago* (last edited 1 year ago)

KeePass.

It's got an app for basically all platforms, and you retain complete control over your data. Passwords go into an encrypted file, and you maintain that however you see fit.

[–] DJArbz@lemmy.notmy.cloud 1 points 1 year ago

I love Bitwarden and you can self host Vaultwarden. I'm not sure how OSS it is however.

[–] korthrun@lemmy.sdf.org 1 points 1 year ago

If cost isn't too much of an issue check out The Mooltipass or one of its competitors.

[–] dave@feddit.uk -3 points 1 year ago

Despite the breach, LastPass has been pretty solid for me for over a decade. Syncs across devices, easy sharing between family members, etc. If your master pw and iteration counts are in the green, even them losing your data is relatively low risk, apart from exposing the sites you have accounts for, which is equal parts privacy & security issue. If I wasn’t so invested in LP, I would probably go elsewhere but since the horse has bolted…

I’ve also heard good things about Bitwarden and KeePass but can’t speak to how easy they are to set up.