Mastodawn

Cyberpunk Mar 10, 2024

Many times we have been recommended to use a #password manager but I personally have not heard on tips to #backup my password #database. Any #tips?

Also do you store your #2fa #totp secrets in a completely separate database from your password manager (ex. #bitwarden , #keepassxc, #1password )? If so, how do you remember it? How do you avoid circular dependency?

Please boost so I/we can benefit from multiple viewpoints. Thanks #fedi !!! :)

Show thread

Jordan

Mar 10, 2024

@slashdot I keep my passwords and 2FA codes in two separate keepassxc databases. You have to commit two passwords to memory. Albeit my 2FA password is much simpler than my master. It’s simply a few diceware words that I have memorized. It’s a good idea to consider keeping those recovery codes in a third database.

Just keep proper 3-2-1 backups and you’ll be fine. When I was using Bitwarden, I exported the database into a veracrypt container that I could then store anywhere.

Show thread

slashdot Mar 10, 2024

@jordan_kendrick I am having a similar of backing up but I don't think my memory is that reliable to remember more than 2 different passwords. Have you ever made an emergency sheet writing down these passwords?

Show thread

Jordan

Mar 10, 2024

@slashdot @jordan_kendrick I never have, but you certainly could. That’s just one more thing you would have to account for when determining your personal level of risk tolerance.

Show thread

Landsil Mar 10, 2024

@slashdot
Currently I keep everything in #1Password and that includes MFA and Passkeys and convenience items.

For me potential issues are:

I loose access to 1Pass.

Someone get's access to my 1Pass data.

1Pass looses my data.

From there logic is:

Multiple ways to get access to 1Pass, starting with multiple physical key's.

Unlikely unless I poorly store my backup access.

Vastly less likely then me messing up my backup setup.

So I backup access to 1Pass but not data itself, not ideal but good enough for my level of paranoia.