On a more fundamental level, you should not be using the same password on different websites, and you should use a password manager like KeePass to generate and keep track of the passwords.
@Gargron The problem is keeping track of environments. Is keepass for Windows (Edge), Google (Chrome), Apple (Safari)? For computers, tablets, phones? Or do we have to choose alternative password managers for each? At the end of the day, having the same password for the accounts I use the most is just quick and simple.
@DrunkenWolf keepass has a desktop application for windows, and a phone app for apple called minikeepass, however, as far as I know, there is no android phone app, and you will have to manually transfer the password database
@keearis I figured as much. Wish it was as simple as one universal thing called keepass that you can apply to any device you're using. But that's just not reality.
@keearis Thanks for the link.
keep your database synced with something like dropbox or syncthing
nonfree but more convenient alternative: enpass ($10/life to use more than 20 passwords on mobile, but otherwise unlimited, works on basically every platform and includes browser extensions, also includes one-time passcode generation for 2FA, autofill with a click) https://enpass.io
@frainz @Gargron I can use password managers in general, but my issue is, let's say I have an iphone. I let Keychain generate my passwords and save them. But then I go home and I just happen to have a windows laptop. Now what? I use my iphone like it was a computer, so everything is in Keychains. Do I really have to manually pass over all usernames and passwords from iphone to whatever password manager Windows uses? Laziness will be my downfall.
@frainz Hmmm... I'll look into that. nextcloud is easy to remember... bitwarden not so much lol.
@DrunkenWolf @Gargron There are versions of KeePass for Windows, Linux, Android, iPhone, macOS, and plugins for all major browsers, including Firefox, Chrome and Safari. You just need to sync your database between all your devices. More info: https://keepass.info/plugins.html There are also online password managers, and some of them are open source and can be self-hosted, like Bitwarden ( https://bitwarden.com/ ). Really, there is no real excuse for using the same password!
@DrunkenWolf @Gargron The nice thing about Keepass and KeepassXC is that they make use of a common storage format that's supported by a great bunch of apps.
So there are apps for nearly all platforms that can read your password database. And the desktop program *can* be integrated but doesn't have to, as it also works well without that due to so-called "AutoType".
@schmittlauch I was thinking more along the lines of having a password manager generate passwords for the user and saving them. I believe Keychains for the macbook does this. But then that's only within apple products. To be honest I haven't used it to see what happens if I tried to sign in to the same accounts on Edge or Chrome.
@schmittlauch I guess the best thing for me right now is just to stick to one environment and apply that to all my devices. So if it's apple then it's macbook, iphone, ipad, imac etc. and save myself the headache.
@DrunkenWolf If that wasn't clear: The same works with the Keepass ecosystem. You generate passwords and store them into an encrypted file.
This file can be read by various programs and apps for your desktop or mobile. You just have to sync the file between devices, e.g. via Nextcloud, Dropbox or other services.
@DrunkenWolf so while you may have different apps for different environments, they all can use the same password data.
And the different apps can specialise better for each environment than a single cross-platform app could do.
@DrunkenWolf you can use the same password with variations. For example mypassword-forgoogle, mypassword-formastodon, mypassword-forapple, ... Then you only need to remember your single password and your scheme.
(In this case, [password] `dash` for[website])
... Until KeePass gets pwned...
@dheadshot KeePass is a program that stores passwords in an encrypted file on your machine behind a master password (the only password you need to remember henceforth)
I prefer EnPass. It supports sync between multiple platforms and browsers, and the encrypted wallet file can be stored on my own cloud.
@Gargron Very true. The problem is... nobody wants to
@Gargron I prefer Bitwarden. It's FOSS and works on every modern browser, as well as Android and iOS.
@popekingjoe I’ve been using 1Password to manage my family’s passwords, but since I’m trying to move to self-hosted services Bitwarden makes more sense! Thanks for the suggestion!
@ahyoussef no problem! I switched to it from LastPass months ago and I love it. Works everywhere I use it better than LastPass did and doesn't nag you about its premium tier.
@Gargron Pocket safe password manager: