I don’t use KeePassXC, so I can’t give any specific advice for it. My password manager has fingerprint support (which, admittedly, on Linux can be quite a rabbit hole depending on your hardware). It only asks for my password once every couple of weeks. Some password managers also support unlocking with passkeys, so you can buy a YubiKey or similar device and just tap to unlock.
Discussion
Same I just use PGP usb drive + fprintd pam module.
👆This guy Linuxes!
Hi, I use KeepassXC and have a good, long master password which I know by heart. In my experience, if you use it regularly, this should not be an issue.
It is on a mobile device with fat fingers.
Amusingly, if this was back in the days of hardware keyboards on phones, like my G1 or G2, this would be less of an issue, as I would not have any issues banging out an accurate password on a phone when needed. I pretty much rely on swipe typing. My thumbs are not made for typing on tiny keys.
I am never using biometrics for things. Biometrics, at least in the US, at NOT protected by law, and thus, anyone using fingerprints or faces can be compelled to unlock their devices with the use of those. Passwords still enjoy some privilege under the law.
Once every couple of weeks would be better than every effing time. Ugh.
I am not sold on using a hardware key, either. They are easy enough for me to misplace, and if I have them on my person that just makes it easy for the donut squad to unlock whatever. *sighs* I hate all of this.
Fair enough. A $5 wrench is one of the most accessible "hacking" tools around, and a lot of people fail to consider it:
To be fair to Yubikey, you can have multiple keys and "cold wallet like" backups, as well as good rotation procedures if you lose one. Plus you can setup things so that sessions last longer and you don't need to carry your keu with you (at the cost of security, of course). This still won’t protect you from a $5 wrench, but even though I’m a big guy, I don’t think keeping a password stored in my head offers much additional protection if things really get rough...
On the convenience vs security scale, maybe what works best for you is a password that’s easy to glide type:
And since this post includes not one but two XKCD references, you know it’s solid advice 🤣🤣.