Need advice on a better way to manage all the passwords one has.
I'm against a password manager per se as they seem like honeypots. What methods do you all find useful?
Discussion
TLDR: host your own password manager.
Password managers are great, but you run the risk of the company getting hacked as has happened to LastPass and others. You could use something like Bitwarden and set up 2FA and use a Yubikey. This will protect you against your passwords getting hacked, but if the company’s servers go down then you’re screwed. If you enable cache then you might be ok, but you’re still relying on a third party to store your data and if you opt for the plan with yubikey you have to pay a ~$10 annual subscription.
Solution: host your own instance of Bitwarden (Vaultwarden). Not only do you get to keep the convenience of using a password manager, but you can rest easy knowing you’re hosting your data in your own server. This does require you spin up a server, which can be done fairly easily nowadays. I’m a big fan of StartOS from nostr:npub126ntw5mnermmj0znhjhgdk8lh2af72sm8qfzq48umdlnhaj9kuns3le9ll they sell plug and play servers, but you can use an old laptop if you don’t want to buy new hardware.
I would suggest you keep the passwords to the Server and Vaultwarden on a piece of paper inside a tamper evident bag. This way you keep the gatekeeper passwords offline, and if someone were to come across those passwords at your house they would still need to know what to do with it (go to your server LAN address). There are some tradeoffs and nuances, but I think this is a pretty solid option
I use keepass clients on all my devices. If you really study it and understand its power. You'll realize there's nothing better.
But I'm an extreme ultra geek. On the extreme bleeding edge. From my perspective. No technology can be too powerful for me to max it out. It's a sickness..😩😆
#MorePower!!!..⚡⚡⚡⚡⚡
Create a simple cypher which you apply to the name of the service or site. Use two memorable scripture addresses in front and back.