I ran into the same issue, I didn’t want to use a cloud password manager because entrusting literally every password I have to a third party and on the internet sounds absurd to me. KeePass seemed like a good idea for me, but at the time I fell back to syncing the vault by sending it to myself in Telegram any time I made a change. Certainly not ideal
I now just have an RPi self hosting Vaultwarden with Tailscale, and for me that’s been the best solution that keeps me happy; it’s more secure as someone needs to compromise my Tailnet first, it’s not public facing, I’m not trusting a third party to not lose my vault (a la LastPass), but its still convenient.
Keepass and syncthing are great combined. Functions fully locally even when I have no access to my home network, and changes get synced between my desktop, laptop, and phone whenever I have WAN access.
I’m gonna be honest, for Vaultwarden I don’t. However, a local cached copy of the vault exists on all my devices that are signed in via the official Bitwarden client, and I have recovered using this method before, so that’s my backup strategy.
Yeah, I’m with you on that. Everyone on Lemmy loves password managers, but I don’t really like the idea of entrusting all of my passwords for everything with one singular program. I actually also dislike 2 factor authentication. One time my phone broke and my bank wanted to verify my identity to purchase a new phone. Except my phone was broken so I couldn’t… Yeah I really don’t want to run into that scenario again except worse.
I’ve actually gone old school with it and I keep most passwords physically written down in a notebook using my own cypher language/pictograms. If someone irl really wants to break into my home, find the notebook, and try to decode it, I’d be in bigger trouble to begin with. It’s very unlikely.
2 factor when done right is nice, however phones should Never be a requirement for anything and 2fa should require at least two physical keys before being allowed to be enabled.
Why not just use password manager?
not as portable
I ran into the same issue, I didn’t want to use a cloud password manager because entrusting literally every password I have to a third party and on the internet sounds absurd to me. KeePass seemed like a good idea for me, but at the time I fell back to syncing the vault by sending it to myself in Telegram any time I made a change. Certainly not ideal
I now just have an RPi self hosting Vaultwarden with Tailscale, and for me that’s been the best solution that keeps me happy; it’s more secure as someone needs to compromise my Tailnet first, it’s not public facing, I’m not trusting a third party to not lose my vault (a la LastPass), but its still convenient.
Keepass and syncthing are great combined. Functions fully locally even when I have no access to my home network, and changes get synced between my desktop, laptop, and phone whenever I have WAN access.
Yeah, I probably would have gone with that solution if I knew about it at the time, but now that I have Vaultwarden I’m pretty happy with it.
How do you handle (and test) backups?
I’m gonna be honest, for Vaultwarden I don’t. However, a local cached copy of the vault exists on all my devices that are signed in via the official Bitwarden client, and I have recovered using this method before, so that’s my backup strategy.
Seems fair. I was just wondering since I was considering vault warden or keypass + sync thing.
I use a keepass vault thrown in a syncthing directory but like literally any file sync will do. If you get conflicts, KeePassXC can merge them
Yeah, I’m with you on that. Everyone on Lemmy loves password managers, but I don’t really like the idea of entrusting all of my passwords for everything with one singular program. I actually also dislike 2 factor authentication. One time my phone broke and my bank wanted to verify my identity to purchase a new phone. Except my phone was broken so I couldn’t… Yeah I really don’t want to run into that scenario again except worse.
I’ve actually gone old school with it and I keep most passwords physically written down in a notebook using my own cypher language/pictograms. If someone irl really wants to break into my home, find the notebook, and try to decode it, I’d be in bigger trouble to begin with. It’s very unlikely.
2 factor when done right is nice, however phones should Never be a requirement for anything and 2fa should require at least two physical keys before being allowed to be enabled.