so, apparently in the data security industry these days it's considered to be safe to leave your most sensitive data in other people's hands, so long as it's encrypted

yet at the same time these same people think that signing auth to access a relay is "doxxing yourself"

bitch, you leave your sensitive data on other people's machines, and then try to say that being asked to present an identity to access a limited resource is dangerous

lol, please, why don't you just put your fucking medical records on an FTP site with unlimited anonymous access and come back to me

fuck off, if someone gets your key, just a little few dozens of bytes, from your devices, just takes one breach, they own your entire stash of passwords on your bitwarden

taking control of your word keys printed on paper stored safely in your house which is locked up and looks ordinary and not valuable, is a LOT harder to do than just breaching your password on your pc

so, fuck off with your "oh bitwarden is great"

you might as well keep your passwords with google for what it's worth, bitch please, i'm spiderman


Discussion

I like bitwarden. Self hosted.

self hosted does not include renting a VPS at a data center on the other side of the world

how do your clients get to your stash? it's not simple to get inbound routing to home connections, ISPs put all kinds of roadblocks in your path, rolling addresses, mandatory routers that can't be configured to do port forwarding

not simple to set up a VPN, but doable.

I prefer it over syncing keepass db to all my devices 🤷🏻‍♂️

you don't have to do jack to achieve that with brave sync, syncing your password db, that is, just enable it, done

i will only say that one time i think somehow something breached that as i had data manipulated in that password DB, or something, i forget now... suffice it to say i don't think it's perfect but it's hella better than bitwarden, even still, for UX and for simplicity and for its setup difficulty and complexity to operate

the root problem is always, and ever, about the fact that the internet incumbency is not going to let everyone put everything on the internet, and the reason being that almost everything that might do this is vulnerable, it would be armageddon, but never mind that these assholes should learn some fucking opsec and, you know, implement that as best practices in code

until that multiple layered bullshit is finally broken, give me brave sync over bitwarden any day

honestly i just want an NFC/USB based simple physical token with signing capability inside it and extensible, and high enough spec to actually do cryptographic shit

all this other shit is just makeshifts while fiat clown world IT industry finally comes to grips with their actual customers business

and even there, ffs social media customers are not the users, etc etc .... adlib to fade

I admit that I didn't look closer at brave sync and pwd management, because I somehow don't trust them (or even chromium).

On the other hand bitwarden code was internally audited in our company and I do trust our guys (who I know personally) and their skills.

Anyways, the seed phrases (and other really sensitive shit) I keep in a keepass db in an always offline VM and usb sticks (even LUKS protected LOL).

I don't have anything physical (like steel engraved or paper) because hackers are not my concern, police raid is.

That's not true actually, I do have my border wallets printed out.

this brings up the point that you should make your recommendations in the context of a threat model

bitwarden is for one of them, and very near it is google's password storage

brave sync is a different model which is about protecting against remote breach

you may be concerned about a physical breach in the form of police raid, but you haven't even considered that far more cheap and effective is a remote breach, for one thing, you may never know it happened, and for another thing, it doesn't require people in a physical location to perform

i'm not sure why police raid is your concern, and why if your concern is police raid you have not long ago planned an exit from the jurisdiction where this physical threat is so grave

I agree. As I said I keep some things electronic but strictly offline. Some I do not (like logins to non-critical systems). And some we share within our family.

As for jurisdiction, I'm not afraid right now, but still a(ny) state can change the game rules at any moment.

(Not to mention good old physical robbery)

I'm doing recommendations of any sort. This is just how I, personally, keep my things organized and portion of secrets shared within my family. brave is not very useful for that particular use case. And I have trust issues with them; still a shitcoin company 😂

And I'm very far from telling ppl what to do. Here are options, DYOR, use what works best for you and your use cases.