by LoganDark 117 days ago
KeePassXC can even still be online, too; example: https://logandark.net/passwords.kdbx

It's not centralized, of course; you still have to download the entire database, and then potentially upload the entire database again for any changes; but it doesn't have these vulnerabilities.

2 comments

Haha, this was a power move. It is genuinely great that since it’s just a file you can host it anywhere you want. S3, WebDAV, your own site. I personally use copyparty and WireGuard for my kdbx file. I find it better than Syncthing because there’s an obvious master copy (edited in place), and there’s no good way to keep Syncthing running all the time on iOS, which can lead to sync conflicts.
Yeah, some people even upload their KDBX files to GitHub (in public repos, no less).
Just how do you use copyparty and WireGuard for this, if you could kindly elaborate on that, please?
Hello. I use copyparty on my LAN hosting the kdbx file. It is exposed via WebDAV for my phone's client (KeePassium). It is always available for KeePassXC (you can use rclone or just WebDAV in the file explorer). This is backed up to B2 every hour. I use WireGuard to access the LAN when I am not home. My phone autoconnects to WireGuard as soon as it is on any network that is not my home network.
I sometimes casually include tokens in my comments (changing a few characters here and there) to make people gasp but parent is taking it to a different level.
The database is encrypted, so theoretically it doesn't matter if other people have it, but what a chad. I suppose these are not your real passwords, or are low-value ones, because there could be zero-days we don't know about.

And I was queasy about hosting mine on Dropbox.

A bunch of them have changed since I migrated to iCloud Passwords, but no, that is an actual real passwords database with every internet account of mine that I knew about as of around December 2024.

I tuned the encryption to take a short while to unlock for even a high-tier desktop CPU, to the tune of slow password hashes. I actually somewhat enjoyed the delay every time I opened up the database...

Well, if you somehow lose the file, I'm sure you can ask here and someone will have a copy. It is a nice artifact of the times.
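
The slow-unlock tuning mentioned in the thread lives in the key-derivation (KDF) parameters, which KDBX 4 keeps in the unencrypted file header, so you can read them from your own file before hosting it anywhere reachable. This is an added example, not code from any commenter or from KeePassXC; the function names are hypothetical, the sample header is constructed, and `I`, `M` and `P` are the keys Argon2-based databases use for iterations, memory in bytes and parallelism.

```python
import struct

KDBX_SIG = (0x9AA2D903, 0xB54BFB67)  # KDBX file signatures
KDF_FIELD = 11                        # KdfParameters header field (KDBX 4)
INT_TYPES = {0x04: "<I", 0x05: "<Q", 0x0C: "<i", 0x0D: "<q"}

def parse_variant_dict(buf):
    """Decode a KDBX 4 VariantDictionary; non-integer values stay as bytes."""
    if struct.unpack_from("<H", buf, 0)[0] >> 8 != 1:
        raise ValueError("unsupported VariantDictionary version")
    out, pos = {}, 2
    while pos < len(buf) and buf[pos] != 0:  # a type byte of 0 ends the list
        vtype, klen = struct.unpack_from("<Bi", buf, pos)
        key = buf[pos + 5:pos + 5 + klen].decode("utf-8")
        (vlen,) = struct.unpack_from("<i", buf, pos + 5 + klen)
        raw = buf[pos + 9 + klen:pos + 9 + klen + vlen]
        if klen < 0 or vlen < 0 or len(raw) != vlen:
            raise ValueError("truncated or malformed entry")
        out[key] = struct.unpack(INT_TYPES[vtype], raw)[0] if vtype in INT_TYPES else raw
        pos += 9 + klen + vlen
    return out

def kdf_parameters(data):
    """Return the KDF parameters stored in the unencrypted KDBX 4 header."""
    sig1, sig2, _minor, major = struct.unpack_from("<IIHH", data, 0)
    if (sig1, sig2) != KDBX_SIG or major != 4:
        raise ValueError("not a KDBX 4 file")
    pos = 12
    while True:
        fid, size = struct.unpack_from("<BI", data, pos)  # 1-byte id, 4-byte length
        body = data[pos + 5:pos + 5 + size]
        if len(body) != size:
            raise ValueError("truncated header field")
        if fid == KDF_FIELD:
            return parse_variant_dict(body)
        if fid == 0:
            raise ValueError("header has no KDF parameters")
        pos += 5 + size

def _entry(vtype, key, raw):  # helper for building the constructed sample
    return struct.pack("<Bi", vtype, len(key)) + key.encode() + struct.pack("<i", len(raw)) + raw

# Constructed sample header, not taken from any real database.
SAMPLE_KDF = (struct.pack("<H", 0x0100) + _entry(0x42, "$UUID", bytes(16))  # placeholder UUID
              + _entry(0x05, "I", struct.pack("<Q", 20))         # iterations
              + _entry(0x05, "M", struct.pack("<Q", 256 << 20))  # memory in bytes
              + _entry(0x04, "P", struct.pack("<I", 4)) + b"\x00")
SAMPLE_HEADER = (struct.pack("<IIHH", *KDBX_SIG, 0, 4)
                 + struct.pack("<BI", KDF_FIELD, len(SAMPLE_KDF)) + SAMPLE_KDF
                 + struct.pack("<BI", 0, 4) + b"\r\n\r\n")
```

On a real file, pass the first few kilobytes read in binary mode to `kdf_parameters`; anyone holding a copy can read the same values, so the master password and these cost settings are what stand between a copy of the file and its contents.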