Password Managers – Trent's blog

Unless you think it would be wise to actually create a TXT file that lists all of your logins/usernames/passwords, and post it on a public forum or social media site like FB, you really SHOULD be using a password manager.
For a brief moment (back then), I actually believed that the slight scramble on my middle name from “haviland” to “H@v1LAnd” was quite adequate as a password for any and every website, and that nobody would EVER guess/crack it – right up until the moment that they did (which wasn’t long).

We ALL think we are cleverer than we actually are. In short – GET A PASSWORD MANAGER!

In A What-To/Why-To, NOT a How-To, I mentioned that it isn’t only the howto which is a problem. There are hundreds and thousands of options for passwords managers. All have their places and merits, so I will run through the journey I followed in reaching where I am now. All of the ones mentioned are cross-platform, since I want to be able to help in Getting OFF Microsoft Windows (M$-win) wherever possible.

My initial password manager of choice was LastPass. My current choice is KeePass. (KeePassXC is better in someways, worse in others, and a close 2nd).

I did, in all honesty, TRY to start with KeePass, since I figured if I was going to get a tinhat, I should have it at home, instead of on a cloud site.
The experience (as a complete n00b13) was much like WP51 for DOS. A virtually blank screen with no real clues or prettiness and minimal hints.

LastPass, on the other hand, made it easy and intuitive. It imported a bunch of existing passwords, and reported back just how bad my security actually was. I paid for a 1 year subscription ($12 didn’t seem all that bad – and the extra features were pretty handy while I was learning). I can’t remember why, but it’s behaviour started becoming annoying, and I then looked properly at KeePass and got it to work (mostly) the way I want. Again, in all honesty, LastPass contributed here. I exported/imported all my neatly structured passwords from LastPass into KeePass, and presto – it works like a dream.

If you are struggling, or unsure, start at LastPass (free)…let it help you a bit…convert to KeePass.

Sideline: KeePassXC – the only “limiting factor” for me – is that it doesn’t have range of plugins which are available for KeePass.

This is the start point. We will add 2FA later. (Baby steps for now – we’re still learning)

My preferred setup:
archlinux

sudo pacman -S --noconfirm mono-addins mono-tools \
       xdotool xsel keepass keepass-plugin-keeagent 
aurman -S keepass-plugin-keechallenge keepass-password-counter \
       keepass-plugin-favicon keepass-plugin-http keepass-plugin-rpc

debian I haven’t yet figured out the plugin additions on debian via apt

apt-get install keepass2

Browser plugins/addons
chromium (kee)
firefox (kee):

You may also like these posts:

Microsoft Windows; apps & history

debian: my preferred desktop/workstation apps for daily use

Using GnuPG keys (What/Why-TO)

Leave a Reply Cancel reply