this post was submitted on 21 Jan 2024
Any explanation of why not to store passwords in plaintext and encrypt the folder in a zip archive (I guess you can't break the password?) Please don't be aggressive!!

top 15 comments
[–] [email protected] 0 points 10 months ago* (last edited 10 months ago)

I use KeePassXC

It stores your passwords in an encrypted file, then I use the random password generator, the browser extension and free phone apps to autofill everything.

(It is up to you to sync the file between devices)

[–] [email protected] 0 points 10 months ago

Because it's bad, prone to errors, the user interface is poor and it relies on you following your process perfectly every time.

Bitwarden.

Or KeePass.

[–] [email protected] 0 points 10 months ago

You can. You can also light your house with just candles. It's just not a very efficient or effective way of doing it and you lose out on modern features.

[–] [email protected] 0 points 10 months ago (2 children)

If you do this, you'll start writing small scripts to help you with repeating tasks, to simplify some things, then you'll start looking for help trying to improve those scripts, then you'll find better written and tested ones and start replacing yours with those, one by one. Then you'll probably find pass or another terminal password manager. It can be a fun learning experience, but sooner or later you'll end up using a password manager.

[–] [email protected] 0 points 10 months ago

Ah, the programmer's pilgrimage. The first hill that they must climb is the one where they spend 12 days automating something that would have taken 10 seconds every time + half an hour of setup time.

[–] [email protected] 0 points 10 months ago

Pass is pretty cool, I used it for many years.

Now I've switched to Vaultwarden so it's more user friendly for my girlfriend.

[–] [email protected] 0 points 10 months ago (1 children)

Many unzip utilities use temp files that you wouldn't be paying attention to. These temp files will contain your credentials and you won't know where they are or whether they got deleted.

[–] [email protected] 0 points 10 months ago* (last edited 10 months ago) (1 children)

And even if they're deleted by the archive program, it's likely a normal deletion, not a secure delete where the original data is overwritten with random data before the entry is removed from the file system, so the data could potentially be recovered.

[–] [email protected] 0 points 10 months ago

Also an excellent point

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago) (1 children)

If your goal is to "self-host" a password manager, you might as well use Keepass + SyncThing.

  • free software
  • master password protected
  • has organization and auto-fill features
  • can sync across multiple devices

Usually the downfall of rolling your own password manager is it's easier to make mistakes and accidentally lock yourself out. Or if you don't keep backups/replicas then you could easily lose your passwords.

[–] [email protected] 0 points 10 months ago (1 children)

Or self host Bitwarden and you don’t have to bother with syncing the file around.

[–] [email protected] 0 points 10 months ago

Vaultwarden (server) + Bitwarden (application, extensions), and save money while getting most enterprise features.

[–] [email protected] 0 points 10 months ago (1 children)

I guess it would work, as long as you're using an up to date zip implementation with AES-256 encryption. I guess my question would be why bother? Being compressed doesn't add any real additional benefit, since just using text shouldn't take up much space.

I'd recommend just using an actual password manager for convenience, since you aren't really gaining any security by only storing your passwords in a file.
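The comment above hinges on the archive actually using AES-256 rather than the legacy ZipCrypto scheme, and that is not something you can tell from the file name. As an added example (not code from any commenter or from the projects mentioned), this Python script reads a zip's central directory with the standard `zipfile` module and classifies each entry as plaintext, ZipCrypto, or AES with its key strength, using the WinZip AES extra-field layout (header id 0x9901, compression method 99). The sample archive and the hand-built entries are constructed here for illustration.

```python
import io
import struct
import zipfile

AES_EXTRA_ID = 0x9901      # WinZip AES extra-field header id
AES_METHOD = 99            # compression method value reserved for AES-encrypted entries
AES_STRENGTH = {1: "aes-128", 2: "aes-192", 3: "aes-256"}

def parse_extra_fields(extra):
    """Yield (header_id, data) pairs from a zip entry's 'extra' blob."""
    pos = 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, pos)
        yield header_id, extra[pos + 4:pos + 4 + size]
        pos += 4 + size

def classify_entry(info):
    """Return 'plaintext', 'zipcrypto', 'aes-128/192/256' or 'unknown' for one ZipInfo."""
    if not info.flag_bits & 0x1:          # general-purpose bit 0: entry is encrypted
        return "plaintext"
    if info.compress_type == AES_METHOD:
        for header_id, data in parse_extra_fields(info.extra):
            if header_id == AES_EXTRA_ID and len(data) >= 5:
                return AES_STRENGTH.get(data[4], "unknown")   # byte 4 is the strength code
        return "unknown"
    return "zipcrypto"                    # encrypted, but with the weak legacy scheme

def audit_archive(src):
    """Map each entry name in a zip (path or file-like object) to its protection class."""
    with zipfile.ZipFile(src) as zf:
        return {info.filename: classify_entry(info) for info in zf.infolist()}

def make_info(name, flag_bits=0, compress_type=zipfile.ZIP_DEFLATED, extra=b""):
    """Hand-build a ZipInfo so encrypted layouts can be exercised without a third-party writer."""
    info = zipfile.ZipInfo(name)
    info.flag_bits = flag_bits
    info.compress_type = compress_type
    info.extra = extra
    return info

def aes_extra(strength, real_method=zipfile.ZIP_DEFLATED):
    """Constructed WinZip AES extra field: id, size 7, vendor version 2 (AE-2), 'AE', strength, real method."""
    return struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", strength, real_method)

def audit_unencrypted_sample():
    """Constructed sample: an ordinary archive written by zipfile, which never encrypts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("passwords.txt", "example.com: hunter2\n")   # constructed dummy content
    buf.seek(0)
    return audit_archive(buf)
```

Run `audit_archive("vault.zip")` on a real archive; any entry reported as `plaintext` or `zipcrypto` is not getting the AES-256 protection the comment assumes.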

[–] [email protected] 0 points 10 months ago

I was just trying to learn, I use bitwarden+Keepass 😆

[–] [email protected] 1 points 10 months ago

Very bad, because the usability of such a scheme would be a nightmare. If you have to unzip the files every time you need a password, that'd be a huge burden. Not to mention that unzipping it all would leave the files there, unprotected, until you delete them again (if you remember to delete them in the first place). If you do leave the plaintext files around, and only encrypt & zip for backing up, that's worse than just using the plaintext files in the backup too, because it gives you a false sense of security. You want to minimize the amount of time passwords are in the clear.

Just use a password manager like Bitwarden. Simpler, more practical, more secure.