by awelxtr 1620 days ago
> A lot of people do not trust password managers, case in point the recent LastPass scare.

That's no excuse. KeePass allows having the database file locally, where it's your duty to manage it.

It might be less convenient, maybe. But I don't see valid excuses for people not to start using a password manager, even less so for less tech-savvy people.


It’s completely valid to distrust password managers. No software is free from bugs, or accidentally exposing your passwords. It might take a lot of work, but it’s certainly possible.

There’s also the possibility of mismanaging your password database and losing all of your data.

> It’s completely valid to distrust password managers.

Is it, really? And at the same time to trust one's memory? For memorizing hundreds of long passwords? Don't think so...

Distrusting password managers does not implicitly trust your own memory.

There are alternatives to programmatic password managers or human memory, e.g. a paper notebook and a safe. That's not an approach I would personally take, but I imagine it's a reasonable option for someone who sees the potential danger of trusting any program for sensitive data.

> There’s also the possibility of mismanaging your password database and losing all of your data.

The alternatives are the same password everywhere or keeping a paper around with the passwords written in plain text. Both are equally disastrous (unless you work at home and don't ever get robbed).

I would say having it written down is more secure. If you hide it in a good spot no robber is going to find it, and even if they do you will almost certainly know you've been robbed, so you can change the passwords. Not only that, but I bet 99% of robbers wouldn't have an effective plan to sell or use the passwords. Digital, on the other hand, has a significant chance of going undetected for a while, and the thief will certainly know exactly what to do with them.

Or finding a good mix between entropy and memorability so you can keep lots of strong passwords in your head, like the featured article discusses.

This doesn't work. If you have 100 different accounts, there is no way you can memorize around 5000 bits of entropy in a reasonable amount of time.

You don't need 50 unique bits of entropy for every one of those accounts. Memorize 10 25-bit passwords and combine two of them for each account; now you have 100 unique 50-bit passwords and you only need to remember 250 bits (technically 257, because you need to remember which combo goes with which), roughly the entropy of a long sentence. It might not be secure if someone has already hacked enough of your accounts to work out your pattern, but if you have dozens of accounts with different logins simultaneously compromised, that's on you.
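
As an added illustration (not part of the thread), the following Python model quantifies the caveat in the comment above: once one combined password has been captured in plaintext and the pairing pattern is understood, how much entropy is left on every other account. The pairing rule (ordered pairs of components, repetition allowed, so 10 components give 100 accounts) and the 25-bit figure per component are assumptions taken from the comment.

```python
"""Added model of the 'combine two memorized components' password scheme.

Assumptions: 10 memorized components of 25 bits each; each account's
password is an ordered pair of components, repetition allowed, which is
the pairing rule that turns 10 components into 100 accounts."""
from itertools import product

COMPONENT_BITS = 25   # entropy per memorized component, as in the comment
NUM_COMPONENTS = 10


def assign_accounts(n=NUM_COMPONENTS):
    """Account index -> (i, j): the two component indices forming its password."""
    return dict(enumerate(product(range(n), repeat=2)))


def revealed_components(assignment, compromised_accounts):
    """Components an attacker learns from captured plaintext passwords,
    assuming the pairing pattern itself has already been worked out."""
    known = set()
    for acct in compromised_accounts:
        known.update(assignment[acct])
    return known


def residual_entropy(assignment, known, bits=COMPONENT_BITS):
    """Bits the attacker still has to guess for each account: 50 if both
    components are unknown, 25 if one leaked, 0 if both did."""
    return {acct: sum(bits for c in pair if c not in known)
            for acct, pair in assignment.items()}


def blast_radius(assignment, compromised_accounts, bits=COMPONENT_BITS):
    """Histogram {remaining_bits: number_of_accounts} after a compromise."""
    known = revealed_components(assignment, compromised_accounts)
    hist = {}
    for e in residual_entropy(assignment, known, bits).values():
        hist[e] = hist.get(e, 0) + 1
    return hist


if __name__ == "__main__":
    accounts = assign_accounts()
    # Account 1 is the pair (0, 1); losing it leaks two distinct components.
    print("no compromise:        ", blast_radius(accounts, []))
    print("one password captured:", blast_radius(accounts, [1]))
```

With a single captured password built from two distinct components, 36 of the 100 accounts drop below their nominal 50 bits, 4 of them to zero.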

I've got maybe 10 accounts that I really care about keeping secure - things like my bank and such, where if someone got hold of my account it would be a tough mess to sort out. Each of them has a unique password. But for most services I have login credentials for, I am not actually giving them any sensitive information. While I now use a password manager for these, before I just had a simple system for altering an otherwise standard set of passwords. It's not too hard to remember redd1t[standardsecurepassword], h@ckernews[standardsecurepassword], p0rnhub[standardsecurepassword], etc., but as far as some random attack script is concerned these are all extremely unique and secure. If a human were specifically looking at it they could easily figure out the pattern and make some smart guesses, but even then I already give different emails to different accounts so I can tell who is selling my email addresses to spammers, and I had a few different secure passwords that I'd rotate, so only a tiny fraction would actually be in jeopardy. And again, there's nothing of value to be gained by hacking into these accounts. Overall I had maybe 15 genuinely unique passwords to remember, hardly a herculean feat. Now with the password manager, I still don't use it for my sensitive accounts, so I have like 8 passwords to remember; a relatively minor improvement.

Keeping a local database file secret is a pretty difficult task. You introduce a wider attack surface vs. a memory-based password.

Keeping it secret isn't as critical as you make it sound.

KeePass is open source. You can review the crypto, or pay somebody competent to review the crypto, or trust that the project or some 3rd party has done so.

I wouldn't go out of my way to publish my KeePass file publicly, but any attacker who can break the 256-bit AES encryption, or brute-force/dictionary-attack its key that's using the Argon2 KDF with enough rounds to take 1 second per key transform on my laptop, is well into the "I stand no chance against state-level actors specifically targeting me" category, and I'll just assume I've lost to them already. In the immortal words of James Mickens: "If your adversary is the Mossad, YOU'RE GONNA DIE AND THERE'S NOTHING THAT YOU CAN DO ABOUT IT." If ASIO/CSIS/GCHQ/GCSB/NSA want access to my accounts, it's unlikely having passwords that are only in my memory is going to make much difference to my personal outcome. If a drive-by teenage script kiddie hits a zero day on one of my devices and pops my KeePass file, I'm not even sure I'd bother changing the passwords.

I'm happy enough storing the KeePass file on my (encrypted) laptop hard drives. I'm OK with using iCloud to sync it to my phone. I'm fine with it being part of my regular Time Machine backups to a pair of external (encrypted) USB drives, and for a copy of that USB drive backup to be synced to an encrypted S3 bucket.