#passwordmanager
How to Self-Host Vaultwarden (open source Bitwarden) Password Manager with Docker
Bitwarden is a great password manager that is packed full of features. I’ve been paying the $10 pa for the hosted version as it is really reasonable (and I help sustain the Bitwarden open source project), and the data is anyway all fully encrypted and not readable by Bitwarden.
But there is also an unofficial fork of it called Vaultwarden, which you can self-host if you want to. The linked article explains step by step how to set it up in a Docker container. Just remember that you will want to be sure you are backing up this data properly, as this is your primary source of data to access your hundreds (or more) of online services.
One thing just to check, before diving in, is how Vaultwarden will migrate to using passkeys, as that is something I’m eagerly awaiting from Bitwarden.
See https://linuxiac.com/how-to-install-vaultwarden-password-manager-with-docker/
#Blog, #opensource, #passwordmanager, #technology
Proton launches an end-to-end encrypted password manager, but it’s going to have to handle passkeys
While the service will eventually become free for everyone to use, it’s currently only available as a beta to Proton’s Lifetime and Visionary users for now.
As is the case with Proton’s other products, Proton Pass uses end-to-end encryption (E2EE) that’s supposed to keep your personal information away from prying eyes, including third parties and Proton itself. In addition to letting you store your usernames, passwords, and notes, you can also add any randomly generated email aliases that you can use as a replacement for your real address.
Proton plans on making its password manager open source once it’s released to the public and is also offering up to $10,000 in rewards for security researchers who can find vulnerabilities within Proton Pass and its other products.
So, it seems to tick all the boxes, and it just needs to still publish a browser extension for Firefox. But it is 2023 and the world is in the process of starting a migration away from site passwords, to using passkeys. So one hopes that this planning is also in the works for Proton Pass.
See https://www.theverge.com/2023/4/20/23691097/proton-end-to-end-encrypted-password-manager-e2ee
#Blog, #passwordmanager, #ProtonPass, #security, #technology
Hmm. When searching for the terms 'export seahorse data', very few of the results have anything to do with the topic of #PasswordManager.
What lies behind the other 90%, I don't even want to know this morning. 🙁
Why using a password manager with MFA is key, and should be compulsory
https://twitter.com/RachelTobac/status/1352409636792492035?t=F8DZ_6Bk6YtRI-X0j38sFQ&s=19
#security #passwordmanager #mfa #2fa
To reach the ~youth~ we're going to have to make infosec sea shanties, aren't we? Guess so!
— Rachel Tobac (@RachelTobac) January 22, 2021
Behold the tale of kid who reuses their passwords & ends up pwn'd, then learns how to stay safe. We're on a mission to encourage unique passwords stored in a password manager with MFA on. pic.twitter.com/QDL9cjUOiC
These are the Best Free Password Managers: Bitwarden, KeePass, and more!
Having a password manager is one of the best courses of action if you want to keep your online presence secure, and it’s one of the very first recommended apps we should be installing on our phones. It has been known for a long time that keeping the same password (or just slight variations of the same password) across several websites is insecure, as once someone manages to get their hands on your password, they can have easy access to all of your other accounts.
But some things you need to consider are:
* 2FA for app - very necessary now to prevent someone taking control of your password manager itself
* Sync across devices - not only for convenience but also as backup if primary device gets lost
* Automated backups - certainly needed if not syncing across devices
* Cross-Platform - to auto-fill on desktop browser, iOS, Android
* Independent audits - essential to know the app has been independently tested and verified
* 2FA Auto-Fill - nice to have for many sites that now use 2FA and where you don't want to run a separate 2FA app
See Best Free Password Manager: Bitwarden, KeePass, LastPass and more!
#technology #security #passwords #passwordmanager
Tired of using the same password for everything? Looking for free password managers to manage all your passwords? We have you covered!
https://gadgeteer.co.za/these-are-best-free-password-managers-bitwarden-keepass-and-more
Backdoored password manager stole data from as many as 29K enterprises - Passwordstate is an Enterprise Password Management solution
As many as 29,000 users of the Passwordstate password manager downloaded a malicious update that extracted data from the app and sent it to an attacker-controlled server, the app maker told customers.
In an email, Passwordstate creator Click Studios told customers that bad actors compromised its upgrade mechanism and used it to install a malicious file on user computers. The file, named “moserware.secretsplitter.dll,” contained a legitimate copy of an app called SecretSplitter, along with malicious code named "Loader," according to a brief writeup from security firm CSIS Group.
The Passwordstate breach underscores the risk posed by password managers because they represent a single point of failure that can lead to the compromise of large numbers of online assets. Well, that is a worst-case scenario for many, especially happening on the client side. Always have a good master password and ensure you have 2FA turned on.
See Backdoored password manager stole data from as many as 29K enterprises
#technology #security #passwordmanager #hacked
Compromised update mechanism for Passwordstate pushes malware that steals data.
How to easily export your passwords from LastPass and import into open source Bitwarden
Today the new LastPass pricing goes into effect and I still see a few people asking how to transfer their passwords out. The link below helps with that. Bitwarden is open source and probably the closest alternative to LastPass in terms of functionality, complete with 2FA built-in for use with websites (so no need for Google's authenticator).
Bitwarden has a free tier, but its premium subscription is $10 vs LastPass which is $36 (for individual per annum costs).
See Import Data from LastPass | Bitwarden Help & Support
#technology #opensource #lastpass #bitwarden #passwordmanager
Use this article for help exporting data from LastPass and importing into Bitwarden. You can export your data from LastPass from their Web Vault or from a LastPass Browser Extension: A previous version of this article stated that you needed to use the Browser Extension to export Form Fills (e.g. Addresses and Payment Cards), however testing by...
https://gadgeteer.co.za/how-easily-export-your-passwords-lastpass-and-import-open-source-bitwarden