this post was submitted on 04 Aug 2023
306 points (99.7% liked)

Loss in terms of money or efforts. Could be recent or ancient.

[–] Alivrah@lemmy.world 8 points 1 year ago (4 children)

This is why I never felt comfortable enough to use one of those. I have a formula for generating passwords for each account so I only have to remember that instead of individual passwords. I know a password manager might be more convenient but I'm too used to the way I've been doing things all these years...

Have you had any luck recovering your Bitwarden?

[–] foo@withachanceof.com 19 points 1 year ago (2 children)

What's more likely: forgetting the master password to your password manager or one of the many passwords you have memorized? I totally get not wanting to trust a hosted service with all of your passwords in case it disappears (having an offline backup would remedy that), but not using one out of fear of forgetting a master password is overblown.

[–] mosiacmango@lemm.ee 9 points 1 year ago* (last edited 1 year ago) (1 children)

You can always do the mostly sane thing of having the master password to your main vault as the only saved password of a different password vault, i.e. Bitwarden's master password saved in an encrypted KeePass file. You have 2 passwords to remember, but also a fail-safe if you forget one.

That or just write it down somewhere safe and sane.

[–] 8ace40@programming.dev 4 points 1 year ago

The best offline backup is a piece of paper.

[–] Alivrah@lemmy.world 0 points 1 year ago

I get what you mean and you're right. It's just that I got used to how I memorize my passwords and so far haven't really felt the need to try a manager (yet).

[–] deadbeef79000@lemmy.nz 9 points 1 year ago

Bitwarden effectively uses your master password to encrypt all the other passwords.

Without the master password all the data is gibberish. Even if you reset your master password, you get back nothing.

[–] WtfEvenIsExistence@reddthat.com 4 points 1 year ago* (last edited 1 year ago) (1 children)

Um I'm still searching for the final piece of the puzzle. I know every word (or at least I'm 99% sure) except for one word. The way I make passwords, especially for important passwords that I can't risk forgetting (ironic, since I still forgot), is to choose a word and make an acoustic poem out of it. Like for example (not the actual password or the "seed word"):

Lemmy:

Lemons Eat My Melons Yesterday

The actual passphrase I chose unfortunately does not form a sentence, nor are the words related. This is how I choose to compromise between security and being able to remember.

So I know the starting letters of every word of the passphrase, and I know how many words there are, I'm just missing one word. 🥲 I feel so sad. Luckily, Bitwarden allows unlimited attempts, but each attempt requires a captcha. All these captchas I gotta solve... 🥲

[–] fneu@discuss.tchncs.de 1 points 1 year ago

There are browser plug-ins for captchas. Haven't tried any, but in your case it might be worth it to check them out.

[–] linearchaos@lemmy.world 1 points 1 year ago (1 children)

I used to do this. There's always a slight worry that some place will get a couple of your passwords and be able to figure out your formula; the chances are pretty slim. Where the real pain came for me was when a website forces you to change your password, or they require some limit to the letters, numbers and punctuation that wouldn't allow me to use my formula. I had a growing list of websites that had more exceptions.

[–] Alivrah@lemmy.world 2 points 1 year ago (1 children)

You're right about those pesky sites that have exceptions (like no special characters)!

Alright, I'll check out a password manager. Maybe it's time to see if I can get used to it...

[–] linearchaos@lemmy.world 1 points 1 year ago (1 children)

I started out using LastPass because it's what work used, which was obviously a bad idea. When it came time to leave them I moved to Bitwarden, which has been pretty fantastic, but I mainly use it because I need to share passwords amongst my family and I really like the TOTP integration.

If I didn't have that need I would probably use KeePassX and throw its database into a Dropbox or Syncthing.

[–] Alivrah@lemmy.world 2 points 1 year ago

I just downloaded Proton Pass. I've been using their email for years now and I like it quite a lot. But I'll check out Bitwarden as well!