I hope our Florida nostriches are gonna be ok with another hurricane about to hit
Maybe not appropriate time but paper seed backups are useless vs a hurricane
Even a seed plate doesn't help much if your house floats away in a flood
Redundant backups, encryption on cloud, and multisig help mitigate this
Nunchuk Wallet also has an assisted multi-sig option you can subscribe to. They also do inheritance management so that in the case of your demise, your selected heir(s) can access the funds you have earmarked for them.
I think about this a lot. Using the cloud weakens security, but maybe it's an acceptable tradeoff given you may need to relocate at any time. The risk isn't just natural disasters, civil unrest can also prompt a rushed evacuation.
Whenever I see these huge disasters I get really scared for people's self custody setups.
Another example of why paper seed backups are almost completely useless.
Seed plates do better during a fire, assuming you can find it before anyone else does.
Multiple backups across multiple geographies are really important.
Stay safe out there frens 🙏🧡
First of all, if I have a huge amount of btc, I split the funds over several wallets. I already do that..
I also maintain multiple seed copies. I keep encrypted copies of all my seeds secured within my password manager. I keep a second encrypted copy on an encrypted file system that lives on my high-availability cloud. And I keep metal for each seed secured in my home safe. I believe this level of security and redundancy will ensure that I'll have access to my seeds in nearly every circumstance. My next upgrade will be to the two-plate Graphene system that requires two plates to read the seed. Each plate can be stored in different locations ensuring that someone would have to obtain both plates to access the seed.
Which password manager? I thought about this but also felt iffy about storing it on a third party app even bitwarden or protonpass.
I use Bitwarden. They've been excellent. And if you're not comfortable hosting your data with them, you can host it yourself on your own hardware. But personally, I think their cloud is sufficiently secure and maintained. They're a great company and they provide enterprise-level password management to a ton of businesses in addition to individual users. But I don't rely entirely on their encryption. The seeds are encrypted externally before they're stored in the password manager.
Try Keepass
I wouldn't use Proton for my passwords or storing my seeds. Bitwarden has been in business since 2016, and securing passwords and sensitive data has been their sole focus. Proton has only been in the password game for a year or so. Proton is a good company, but Bitwarden has the sort of institutional knowledge relating to secure data storage and protection that only comes from experience.
Yea because my thing is storing it properly in case of a wild fire (California) and I’m not 100% confident that a fire proof safe will withstand the fire.
So being open to other options without risk of getting seed stolen or other risk would be best.
Even holding keys in head can be a problem with dementia which is more common than that.
KeePass is OK. It's as secure as Bitwarden, but you have to manage and maintain your vault, which is both good and bad, depending on your outlook. Managing your own vault means you're entirely responsible for the storage of your secure data. There's no production network backing you up. When it comes to seeds, I think there's something to be said for using a high-availability cloud that's fully integrated with the client. And if you use your own external encryption before sending data to your vault, you have security that's more than sufficient for a redundancy layer. It really comes down to whether or not you want to be responsible for the hands-on management of the vault.
Nextcloud Passwords better than Keepass, no more sync conflicts
i prefer keepass since bitwarden won't work without you putting your private data out on the internet on hardware that you are not in physical control of
i can't believe that people seriously don't understand this problem of physical security, the cloud brainwashing campaign seems to have been very successful even smart guys are falling for that shit
and yeah, nostr devs who don't seem to understand that storing even encrypted data at untrusted or potentially breachable storage points out in some data centre elsewhere is always not as good as not having it get stored at all, which is not as good as not putting an encrypted message over an insecure line ELEMENTARY OPSEC but somehow this isn't obvious to the kids nowadays
I think the digital storage layer is a smart play. It provides protection in virtually every circumstance, and is impervious to local events that may put your seed in danger. It's only one layer, but an important one. If something happens, the digital copy will be your first stop in restoring your wallets. It's secure, protected, and available.
Until someone gets in your network.
They better know your nextcloud password then
Ayo
You're free to host your own vault if you don't trust Bitwarden's secure cloud. But I think Bitwarden has earned the trust so many businesses and individuals put in them. They're not some fly-by-night operation. And hosting your own Bitwarden vault is a hell of a lot better than managing your own KeePass vault file. It's significantly more functional. But security wise they're about the same, so if you're more comfortable with KeePass, use KeePass. Just make sure you understand the features and pros & cons of each before making your decision.
Thanks boss
free to host it where, on the routeable internet? oh yeah, that's not possible without using a wireguard tunnel or similar and configuring iptables on a VPS
the easy way is to host the thing on the vps but what happens when the gestapo seize the VPS, ruh roh and they may not tell you it's happened either
good luck to the gestapo getting into my house without getting noticed tho
please don't assume i haven't got strong sigint and security knowledge, i get REALLY tired of people claiming to know about security who don't have this elementary understanding that hosting anything on someone else's shit is less secure than hosting it on your own and doing that is NOT easy
Lol OK
I also think that having your own hardware to secure your data is the best solution, but you have to know what to do, and I'm just scratching and starting to learn these tools. I won't go into detail on the subject, I'm still a noob.
it just grinds my gears, man, especially because last time i was hearing about bitwarden it was from supposed cybersec people who seemed offended when i pointed out to them that hosting your secrets on other people's computers is a bad idea, ok, whatever
See stuff like this makes me like okay what should I do haha
Running your own hardware isn't inherently more secure than using a competent, redundant, production network. It's very easy to screw things up if you don't understand exactly what you're doing. For 90%+ of the population, using a hosted cloud or installing your own hardware at a datacenter to host your own vaults and related server applications is the better option. Most people want a secure environment that works, not a part time job as a sys admin. If it's a hobby thing that you're doing to educate yourself, do your own hardware. But if you've $100k+ in bitcoin and the protection of those funds is your primary goal, then leave the engineering and administration to those who do it for a living.
You're not the only one with knowledge about security. I've been a professional network engineer since 1996. I currently spend at least 3 days a week working in a datacenter. So, I'm not just making things up to hear myself speak.
yeah, that's why i use brave's password manager and physical tokens, yubikeys, and i have a mini pc that handles my high value bitcoin stuff sitting behind me on the shelf
brave's password manager does use internet but it doesn't store stuff on other computers, the devices sync to each other using a tunnel that brave's servers let you create, it's a whole world different from what bitwarden does, and i trust brave a lot more than some company that influencoors are pimping to me
my recommendation is use brave sync, and get yubikeys and make physical backups and paper keys
i see, and that's why you recommend storing your secrets on other people's computers is it?
I'm not going to justify myself to you. I'll gladly put my resume and professional experience up against yours any day of the week. I don't even understand why you've become this hostile douchebag. We were having a friendly conversation about different options, and like someone who just started reading about security last week, you turned defensive for no reason and started pretending that you know what you're talking about. I'm just not going to talk to you anymore, and I invite you to do the same. But word of advice, you might wanna lose that attitude. It gets you nowhere, and the people who actually do this shit for a living can see right through the act.
That’s the thing. In case of wild fires everything will be burned to shreds so looking for an offline storage option as well. I have a fire proof safe but what if that doesn’t withstand the burning fire. Keys lost you know.
i don't care what other people think
i refuse to advise people to do things that i consider to be dangerous
and i refuse to be silent when someone thinks that actual other people's lives is a matter of reputation and not actual fucking science
yeah, that's what stamped word key cards and bolts are for
evaluating the risk of such events is key to your security strategy, realistic assessment of the threat vectors
personally, i don't want to live in a place where fire is a relatively common form of property damage, i come from australia and there were many places where people lived way too close to extremely flammable, dry climate trees that actually depend on fire for propagation
let's just say that such places where wild fires are common should not be considered good places to live unless you are gonna really do the proper job securing your whole house... keeping big fire boundaries, having emergency water to keep a real humdinger that is so hot even that boundary is not wide enough
it's just not my cup of tea, if other people want to live dangerously, that's their choice but i don't really have anything to say about it except stamped/engraved metal plates, and have fun when your house burns down