• Rodeo@lemmy.ca
    1 year ago

    That’s the neat part, you don’t.

    Security and convenience are opposites. You have to decide if you want a local-only manager that is more secure, a sync service like Syncthing that you can set up yourself, or a third-party cloud app like LastPass (which has been compromised at least once that I know of).

    Personally I just do all my email and banking on my desktop at home, and it’s actually only inconvenienced me a few times over the years.

    • itslilith@lemmy.blahaj.zone
      1 year ago

      the only thing that gets less secure is more devices potentially compromised, but the act of syncing shouldn’t make it more dangerous by itself (if using a key file or a master password too long to be reasonably cracked), right?

      or am I missing something?

    • Paradachshund
      1 year ago

      Sticking to desktop only wouldn’t be realistic for me unfortunately. Sounds like the solutions aren’t quite there yet for an average user.

      • 0xD@infosec.pub
        1 year ago

        They are, just use a normal one (I use Bitwarden) that you can access from everywhere and protect it with 2FA.

        The goal is to have varied, secure passwords across everything.

        • Paradachshund
          1 year ago

          I’ve heard a lot of people mention that one so I think I’ll check it out. Thanks for the recommendation.

    • Hexarei@programming.dev
      1 year ago

      I store mine in a self-hosted Nextcloud instance accessible only via a Nebula overlay network (alternative to Tailscale) and it’s both convenient and secure.