Welcome to the RD thread!

This is a place for casual random chat and discussion.

A reminder for everyone to always follow the community rules and observe the Code of Conduct.

Image

Mobile apps:

Quick tips:

  • Use Teddit when sharing Reddit links
  • Upload videos to Streamable
  • Miss the wide old.reddit look on desktop? Install this Greasemonkey script

Footnotes:

  • Daily pixel art courtesy of adroitcell
  • Report inappropriate comments and violators
  • Message the moderation team for any issues
    • decadentrebel@lemmy.worldM
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      +1 for Keepass. I use way too many random passphrases and special characters to keep track of all of them.

      Also use Firefox Sync for my browsers.

    • megane-kun@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Reporting from KeePassXC here.

      Setting things up for seamless interoperability with mobile and PC might be a bit of a pain, but it’s really a breeze after that.

    • ein sof@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      the concerns using 3rd party for saving your login credential is kinda risky. since a possible leak may occur at may mga service provider na nagkaroon na ng ganung sitwasyon

      for me I just use Firefox sync

      The authentication key is transmitted to the server to prove that you own the account. If TLS fails, this might cause the authentication key to be leaked, and someone who intercepts this key could use it to authenticate into your account. However, they can’t use it to access your Firefox Sync data since the encryption key is used to encrypt your data before it leaves your device. This key is never transmitted to the server, so it can’t be leaked if TLS fails.

      • megane-kun@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        As far as I am aware, for KeePassXC, the database file is handled locally and it’s your responsibility where you’d store your password database file. This password database file is encrypted (when using a master password) and so personally, I’m comfortable putting a synchronized copy onto cloud storage (which also makes it easier syncing across the PC and my mobile devices).

        I assume that this is true for KeePass as well, though I‌ be wrong.

        From the KeePassXC FAQ:

        Why is there no cloud synchronization feature built into KeePassXC?

        Cloud synchronization with Dropbox, Google Drive, OneDrive, ownCloud, Nextcloud etc. can be easily accomplished by simply storing your KeePassXC database inside your shared cloud folder and letting your desktop synchronization client do the rest. We prefer this approach, because it is simple, not tied to a specific cloud provider and keeps the complexity of our code low.

        and from a different section of the same FAQ:

        If you sync your database via a cloud provider (Dropbox, Google Drive, Nextcloud, …), you should only sync the KDBX file and distribute the key file to your computers by different means, such as said thumb drive.

        And from their user guide:

        The database file that is protected with a strong and long password is secure and encrypted while stored on your computer or cloud storage service.

        ‌ You can safely store your database file in the cloud (OneDrive, Dropbox, Google Drive, Nextcloud, Syncthing, etc.). The database file is always fully encrypted; unencrypted data is never written to disk and is never accessible to your cloud storage provider. We recommend using a storage service that keeps automatic backups (version history) of your database file in the event of corruption or accidental deletion.

        I also use a key file to make sure that I’m only accessing my password database on devices I own (to which I copy the key file manually).

        Well, I suppose there’s still some danger, in which case, I think a fully-local syncing solution (something mediated through Syncthing, I guess) can be set up. To be honest, I could have gone that route, but I didn’t bother. I just felt safe enough to store my password database on the cloud, trusting that it’s sufficiently secured via encryption (and that I have a secure enough master password).