[ale] Of password managers and family...

Kyle Brieden kyle at txmoose.com
Fri Oct 20 16:16:11 EDT 2017


I completely and totally appreciate your stance on this, Joey.  My 
family don't fall into our category, though :P

I can't say I trust anything that's opaque or outright blackbox myself, 
but *something* is better than *nothing*, which is what they have right 
now.  There's a reason companies like LastPass thrive.  They are trusted 
to do the hard things for people who can not or do not want to.  I 
guess, overall, what I'm asking for, is this:  "Which company do y'all 
feel is most trustworthy?"  Additionally, "Which tool is easiest to use 
so that someone who would actively avoid learning 'those computery 
things' would be willing to utilize this?"

---
Very respectfully,
Kyle Brieden

On 20-10-2017 15:55, Joey Kelly wrote:
> On Friday 20 October 2017 15:30:56 Kyle Brieden wrote:
>> Howdy all,
>> 
>> I've been using a KeePass vault for password management for a little
>> while now.  I use my NextCloud server (SUPER awesome, do recommend) 
>> for
>> syncing the vault between computers and mobile devices.  I use 
>> KeePassXC
>> on Windows, Mac, and Linux, and I use different apps on my Android 
>> phone
>> and iPad respectively.  This is all well and good for *me*, because I
>> like the open source, I own all the hardware, I'm doing this all on my
>> own kind of feel, but this isn't sustainable for anyone more than
>> myself.  I have been bitten in the ass before by my vault getting out 
>> of
>> sync between two devices or being open on multiple devices at a time.
> 
> Someone needs to LART me because this is an AOL "me too!" reply.
> 
> I do not trust any foggy service to hold my passwords. I am a hardcore 
> geek
> and enjoy bash, so I decided to spin up yet another half-finished 
> project to
> vault my passwords a year or so ago, using Perl and AES. My script asks 
> me for
> the master password, then lets me view or change any particular entry. 
> I have
> to manually copy and paste the passwords.
> 
> I don't trust others, but I trust me, and ain't no way I'm going to 
> leak data,
> even encrypted data, to the web.
> 
> --Joey
> 
>> 
>> My family (fiancee, sister, brother-in-law, mother, and father) need
>> protection.  They NEED to stop reusing passwords and set up a password
>> manager.  Does anyone have any opinions on low barrier to entry, low
>> friction password managers for the non-technical in our lives?  I've
>> investigated LastPass thus far, and the price seems worth it to me.
>> LastPass seems trustworthy, too, with how open they are about their
>> technology stack.  I have looked at some others, such as Padlock, too,
>> which seems like a good open source alternative.
>> 
>> Thoughts?  Opinions?  Feelings?  Success and/or catastrophic failure
>> anecdotes?
>> 
>> Thanks!
>> 
>> ---
>> Very respectfully,
>> Kyle Brieden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x89C9D831.asc
Type: application/pgp-keys
Size: 3053 bytes
Desc: not available
URL: <http://mail.ale.org/pipermail/ale/attachments/20171020/82408d71/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://mail.ale.org/pipermail/ale/attachments/20171020/82408d71/attachment.sig>


More information about the Ale mailing list