Google Says Sorry After Passwords Vanish For 15 Million Windows Users.

admin , 5 hours ago

I guess now is as good a time as any for them to start using a proper password manager.

Personally, I recommend Keepass - it has multiple clients for all platforms, and you can keep the file in sync with a program of your own choosing, like Dropbox, syncthing or whatever you like.

SaltySalamander , 4 hours ago

Vaultwarden ftw

GoJimi , 4 hours ago

Exactly! Self hosted FTW. Chances of a data breach… Typically pretty minor if you are smart.

pennomi , 3 hours ago

Chances of losing the data is higher with selfhosting too. Unless you’re doing some sort of multizone replication, or course.

GoJimi , 3 hours ago

Yeah. Daily and weekly cloud backups solve that for myself for sure.

nialv7 , 3 hours ago

I use syncthing so there’s a copy of my password database on each of my devices.

ThePantser , 2 hours ago

I am hosting on Home Assistant which itself gets a backup to my Google drive and my personal machine. So there are two backups, as long as HA doesn’t create a corrupted backup 3 weeks in a row I am good.

Lem453 , 1 hour ago

Borg backup to borgbase is not very expensive and borg will encrypt the data plus the vault is also encrypted

Lem453 , 1 hour ago

Keep vaultwarden behind wireguard for local only access then also use https certs and good master password. Very secure like this

N1ghtstalk3r , 4 hours ago

+1 for a self-hosted Vaultwarden instance. If you’re technically capable and have extra hardware laying around this is the best way to go.

TimLovesTech , 3 hours ago

Although a backup is still required or you are gambling on hardware outliving your need for your data.

N1ghtstalk3r , 3 hours ago

100%. Make sure to follow the 3-2-1 backup rule with all things you do.

Lem453 , 1 hour ago

Anyone with the knowledge to self host will quickly discover 3-2-1. If they choose to follow it, that’s on them but data loss won’t be from ignorance

Wistful , 4 hours ago

Keepass XC on PC, Keepass DX on Android, Syncthing to sync database

Works flawlessly!

nekusoul , 3 hours ago

Most amazingly, this setup is also unexpectedly resilient against merge conflicts and can sync even when two copies have changed. You wouldn’t expect that from tools relying on 3rd party file syncing.

I still try to avoid it, but every time it accidentally happened, I could just merge the changes automatically without losing data.

tabular , 3 hours ago

Shoutouts to paper and pen.

Keep the booklet in a safe place.

maccentric , 3 hours ago

Typically, the drawer just below the keyboard (in my experience)

tabular , 2 hours ago

Hopefully someone in the house is supposed to be there, or they just take the TV.

slumberlust , 1 hour ago

If it’s my mother, post it notes stuck to the laptop…

admin , 3 hours ago

If you never, ever need your passwords outside of your home, that’s great advice - it’s as secure as can be against digital theft. Less so against fire though, and backups are out of the question.

nous , 2 hours ago

You can have backups of physical books. Just copy the text from one to the other. Yeah it is manual work but so is writing the first one in the first place. You can then store the second copy in a fire resistant safe or at a friends or family members house (maybe inside a safe as well).

tabular , 2 hours ago

Well you can write a copy and keep it in a shed if it’s unlikely to also catch fire.

Shdwdrgn , 1 hour ago

I just store all my passwords in robots.txt on my web server, makes it easy for me to access them anywhere I go…

/s

lauha , 1 hour ago

I have a firesafe at home for important papers, passports and some emergency cash. I keep my passwords there.

Ilovethebomb , 50 minutes ago

This is the first suggestion here that’s actually within the technical abilities of most people, even most Lemmy users.

The level of technical knowledge some of people here seem to think the general public has is absurd.

admin , 31 minutes ago

If getting a Dropbox account is too difficult for them, I seriously wonder why they’d be subscribed here, or reading articles about password management in browsers.

Ilovethebomb , 15 minutes ago

Because I’m interested in tech news, especially since the world we live in can’t function without it.

Besides, Lemmy seems to seriously overestimate the technical abilities of, well, most people.

GissaMittJobb , 1 hour ago

Bitwarden is probably a more pragmatic choice for most users, given that it’s free and without having to manage the syncing yourself.

Any password manager is better than the alternative, though.

daddy32 , 5 hours ago

“Chrome users” or “Chrome under windows users” would be closer to the truth. Still, quite a screw up.

tdawg , 1 hour ago

Something like 2/3rds of the world uses chrome for desktop. I’d bet that number is higher for windows specifically. If you’re the rare person who doesn’t use chrome then you’re savy enough to know this doesn’t apply to you

knacht1 , 2 hours ago

Bitwarden here. Works well.

parpol , 5 hours ago

Sweet. A special sunday collaboration episode of Why You Use Firefox, and Why You Use Linux.

BearOfaTime , 4 hours ago

I don’t use the password manager in Firefox, what a terrible idea.

Use an independent password manager, something purpose-built.

And using Linux? Hahaha, right, right. Call me when there’s a serious OneNote, or even more importantly, Excel competitor. (Or even a standard shell on Linux, or the same set of tools built in).

Aatube , 4 hours ago

Use an independent password manager, something purpose-built.

Why? You're talking as if browser password managers aren't purpose-built. "I love entering a password to fill my passwords for me instead of entering a password" —statement dreamed up by the utterly deranged. (I think we all should just use auto-locking.)

OneNote

Web-based stuff like Notion and Google Keep

Excel

LibreOffice Calc with Tabbed UI

standard shell

what is that

KLISHDFSDF , 4 hours ago

Call me when there’s a serious OneNote…

OneNote works on the web, but there’s also Notenook if someone is looking for similar features with an app for offline access + End-to-end encryption and open source alternative. I’ve got it syncing to my Android, Windows, Linux and Mac clients without issue.

…or even more importantly, Excel competitor.

There’s OnlyOffice which has a spreadsheet. Yeah it’s not Excel which has existed for a million years, but it should work for the vast majority of users’ basic needs. It may not work for your specific use case, but it is a viable alternative that exists today. If you want more online collaborative features (like the o365 version has) you can use CryptPad, which provides an end-to-end encrypted and open-source collaboration suite, including the web version of OnlyOffice Spreadsheets.

Or even a standard shell on Linux…

What does this even mean? Nearly every major Linux distro sets bash as the default shell, and if not the default, is probably already installed and called if needed. Not sure I understand the problem here.

…or the same set of tools built in

Stick to a single OS and you get the same set of tools built in? This is a strange statement to be making against a system that not only thrives on diversity but has lots of niche systems that require a myriad of default tools.

---

I do completely agree about not using any browser’s built-in password manager.

tabular , 3 hours ago (edited 1 hour ago)

It is not the software which can lack seriousness, but the developer and the user. One is proprietary where the developer controls the user’s computing - the other is free software where the user is in control (free as in freedom).

AlexanderESmith , 1 hour ago

I agree that using browser-based password managers is not a good idea, but everything else you said was willfully ignorant.

• OneNote isn't that special, and you don't need Windows to use it.
• There are half a dozen excel competitors that are feature complete (OpenOffice, LibreOffice, GSuite, Zoho, Gnumeric...)
• All shells use the same standard tools, excepting a few bulit-ins (because most tools are external to the shell). Some shells have different syntax, but most of them share most syntax. In 90% of cases, the default shell is bash, or an offshoot (dash, etc), which are all descendants of sh, so unless you're using an extended feature set, scripts are cross-compatible.

lemmyvore , 11 minutes ago

Firefox Sync was purposefully built too, they didn’t wake up one day to find it on the porch in a basket.

It syncs passwords, works on desktop and mobile and can do some other cool stuff — syncs tabs and bookmarks, alerts you to password breaches, send tabs from one device to another, lets you export your passwords etc. It’s a good password manager.

yggstyle , 4 hours ago

A better statement should be: you should remain vigilant and light on attachment to any banner. If an ill wind blows and you don’t like it, it’s time to move. Control your data- aspire to be a digital nomad.

Firefox isn’t without it’s own issues, recently. Google used to be viewed as a paragon once, too.

kbin_space_program , 4 hours ago

Google was always incorrectly viewed as a paragon.

yggstyle , 3 hours ago

Once upon a time I think they were largely harmless … but once they started leaning into profit over quality they went rotten in a hurry. Exactly why I’m concerned with mozilla’s path.

TimeSquirrel , 2 hours ago

Must have been when it was still a bunch of servers in a garage.

ArcaneSlime , 4 hours ago

Well, there does keep being more reasons by the day…

Ilovethebomb , 49 minutes ago

How do you know someone runs Linux?

Don’t worry, they’ll tell you.

sidgames5 , 1 hour ago

Keepass has been working with no issues

FauxPseudo , 4 hours ago

That’s definitely a change from companies just leaving passwords around for anyone to find.

homesweethomeMrL , 44 minutes ago

No $10 gift card?

Lame.

ZarkleFarkle , 48 minutes ago

I put all my passwords in a text document, then print it on a little strip of paper and shove it up my ass. Whenever I take a crap, I dig it out from the turds and try to memorise some of them again. Then I shove it back up there where noone else can find my data and I won’t lose it.

ZarkleFarkle , 47 minutes ago

Forgot to mention I delete the text document and set fire to the computer’s hard drive. The passwords are only ever in my ass, with the rest of my personal shit.

Crackhappy , 16 minutes ago

Following up your own shit post with another shit post is shit post gold.

lemmyvore , 20 minutes ago

This tracks very close to my idea of the suppository flask stick.

ChaoticEntropy , 39 minutes ago

Premium Bitwarden is so cheap and effective that I find it difficult to justify using an alternative.

Evotech , 5 minutes ago

Still. Back it up

Evil_Shrubbery , 2 hours ago

They didn’t vanish, it’s just that now only Google has them.

angelmountain , 27 minutes ago

No password manager is 100% safe. Make back-ups.

Beaver , 47 minutes ago

Switches to Proton Pass