From a simple KeePass database to enterprise credential management solutions—what’s your setup at work?

  • rumba@lemmy.zip
    9 months ago

    Bitwarden, 1Password, whatever floats your boat, just not LastPass.

    For SHTF stuff GPG.

  • Sir Arthur V Quackington@lemmy.world
    9 months ago

    I don’t understand the extreme love for Bitwarden. I understand it’s useful, but I want as few things with a webui and server instance as possible, especially passwords, the thing that should be most secure.

    KeePass, vault saved into the user’s OneDrive synced folder is sufficient. It’s secure, offline, and automatically makes backups. And migrates to the new system just by logging into OneDrive.

    Bitwarden and others worry me because they have a lot of exposed attack surface, comparatively, and require much more maintenance to keep secure imo. I don’t want to expose any of that to a portal or anything.

    That said, I don’t hate Bitwarden, the Bitwarden/Vaultwarden software is incredibly solid for what it is.

    • shalafi@lemmy.world
      9 months ago

      Got a thrift store keyboard. The pink sticky on the bottom said:

      User: admin

      Pass: password

      I wish I was joking. Someone out there was dumb enough to need a reminder on that one.

    • pinball_wizard@lemmy.zip
      9 months ago

      I would never scribble my password on a whiteboard. It’s important to write in large clear letters so I can read it from across the lab.

  • Refurbished Refurbisher@lemmy.sdf.org
    9 months ago

    I write it in plaintext then email it to myself. For my email password, I write that down on a sticky note next to my monitor with my webcam pointing towards it with Skype and Zoom always running so I can look at it when I’m not at home. I always make sure to turn 2FA off as well, since that gets annoying and isn’t very convenient.

    I might choose to mirror the webcam stream to a public RTMP stream later, but not sure yet, since I think that might open up some security holes.