From 43ea1d8ae931cfafe9a921c71e40c1a2c13804701d3166ce16c4778a02b4e07b Mon Sep 17 00:00:00 2001 From: Nicholas Johnson Date: Fri, 29 Apr 2022 00:00:00 +0000 Subject: Change post to entry --- content/post/use-a-password-manager.md | 27 --------------------------- 1 file changed, 27 deletions(-) delete mode 100644 content/post/use-a-password-manager.md (limited to 'content/post/use-a-password-manager.md') diff --git a/content/post/use-a-password-manager.md b/content/post/use-a-password-manager.md deleted file mode 100644 index 8fb338d..0000000 --- a/content/post/use-a-password-manager.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: "Use a Password Manager" -date: 2022-01-09T00:00:00 -draft: false ---- -It's frustrating watching normies forget their insecure passwords. I've almost come to the point of refusing helping people recover accounts of forgotten passwords unless they also let me set up a password manager for them. If I don't, it invariably ends in them forgetting or misplacing their passwords again. - -A password manager is a program that remembers your passwords for you. The main idea is there's one master password you use to access all your other passwords. If you don't use a password manager for your passwords, excluding disk encryption, then you're doing passwords wrong. - -To make the best use of a password manager, the master password should be secure[1] and you should keep a backup of your password database. You should also use two-factor authentication. Just create a dedicated password database on a separate device only for TOTP codes.[2] That will make it very difficult for an attacker to break into your accounts. - -Be sure to use a free, preferably non-networked password manager like KeepassXC[3] for desktop and KeepassDX[4] for Android. Just don't use proprietary poo like LastPass. Passage[5] seems like a good option for power users. If you need your passwords synced on multiple devices, you can use a separate file-syncing program like EteSync[6]. - -I know exactly what some people are thinking: "I just use the same/similar password for everything. It's easier!". If this is you, you need a password manager. Reusing passwords for online accounts is extremely foolish. - -Password managers put all your eggs in one secure basket, or two baskets if you're using TOTP. Password reuse is the opposite. It puts all your eggs in every basket. If even one of the sites you use is compromised, all your accounts are doomed. Don't assume it won't happen to you. - -Secure your accounts before something happens. Use a password manager. - - -Link(s): -[1: CorrectHorseBatteryStaple](https://xkcd.com/936/) -[2: TOTP Security](https://keepassxc.org/docs/#faq-security-totp) -[3: KeepassXC](https://keepassxc.org) -[4: KeepassDX](https://www.keepassdx.com/) -[5: Passage](https://github.com/FiloSottile/passage) -[6: Etesync](https://www.etesync.com) -- cgit v1.2.3