It's been a good while since looking at KeePassXC, but looks like it's come a long way here.  The "database merge" function sounds interesting for what I need, as well as it has a browser plugin it seems...  How good is the question?  Lastpass in the browser is pretty sharp about noticing input fields, referencing the right accounts, multi-computer sync, things like that.

I used KeePass, and later KeePassX for a good 10 years or so before the last 5yr of Lastpass, but it was always quirky to replicate between computers (not to mention fscking mono).  It just didn't work when I had 3-4 separate systems that needed to work with it and rsyncing.  I'm used to versioning and replicating my work data, which passwords are largely a part of here, but if I make a change on my desktop, before I sync it to my laptop while I'm on the road for a week or two, I have source of truth issues and someone loses with no atomic updates in a flat file.

Moving to Lastpass fixed this, and holy crap, the browser plugins can autofill?  Word.

Remove the cloud, it needs a database or api-sort of constant CRUD-type of feed for all endpoint clients still ideally.  I can do this with VPN, but not found something like a client/server application to replicate what lastpass or onepass bring.  I'll have to see if KeePassXC does anything like this, as simply rsync a flat file between hosts is never good, and has caused me grief.  I can always run a small db on my synology ideally, or some cheap cloud instance.  Give me a reason to set up a Nebula network to keep everything talking...

I tried nextcloud on my synology, it was just weird to use - didn't like it.  Syncing files was problematic I found, really I just wanted to dump my phone pictures out between phone devices, and never could get it to work.  I just sort of abandoned it years ago, but another thing perhaps to look at if there are features for password management.

Never heard of BitWarden, but will look into it.

Thanks Hans!

-mb
 

On Sun, May 24, 2020 at 11:44 AM der.hans <PLUGd@lufthans.com> wrote:
Am 24. May, 2020 schwätzte Michael Butash via PLUG-discuss so:

moin moin,

I have been happily using and giving presentations on KeePassX for more
than a decade. It isn't cloudy, so you have to provide your own sync. To
me this is good as it encourages different files for different reasons,
e.g. I have a travel file with just a few passwords, a file I share with
the family and files for different non-profits I work with.

If you use KeePassX, I recommend the KeePassXC fork, but there's a
consistent lockup bug in the Ubuntu Bionic distro, so stick with KeePassX
there. Both are good, but KeePassXC has more people actively working on it
and is getting more updates.

As to cloudy services, I tested two different password manager apps
available for NextCloud. I was going to use one for a project, but stopped
working on that project.

There's also BitWarden. I haven't used it, but have gotten good reviews of
it from people at conferences.

https://bitwarden.com/

ciao,

der.hans

> I've been using LastPass for 5 years, as I purchased a 5yr subscription
> initially liking the product so much.  Since then, they've been through
> acquisition by LogMeIn/GoToMeeting, which I hate, first thing jacking
> prices, had security resets due to dubious levels of being hacked, and just
> both the UI and the service have gotten worse over the past few years since
> GTM bought them.  I don't trust it'll get better from here.
>
> What are you all using for password management, particularly full-time
> linux users?  I like the cloud sync options, but I really don't trust any
> of these companies fully, and would like something easier to sync with
> across platforms minus a cloud.
>
> Thanks in advance!
>
> -mb
>

--
https://www.LuftHans.com   https://www.PhxLinux.org
#  "Civilisation is a race between education and catastrophe" -- H.G. Wells