How do you handle your passwords?

I rely on Bitwarden (slooowly migrating from… a spreadsheet…) and am thinking of keeping a master backup to be Syncthing-synchronized across all my devices, but I’m not sure how to secure the Syncthing-synchronized files’ local access if any one of my Windows or Android units got stolen and somehow cracked into or something. I’m curious about how others handle theirs. Thanks in advance for sharing!

kevincox,
@kevincox@lemmy.ml

I mostly just use Firefox Sync. For critical passwords or non-web passwords and other small keys I store them in pass.

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml

I write them on paper just because I’m very old-school.

Showroom7561,

My wife does the same, and I can’t tell you how many times a day I have to help her reset passwords, figure out if something is an “1”, “i”, “l”, or “|”, or decide what needed to be capitalized.

Even though I have Bitwarden installed for her, she just “prefers” paper like some people prefer to stub their toes.

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml

You should try to teach her how to be more careful and clear when writing passwords. It can be hard if she’s living in a constant rush, but it’s a very useful skill. And btw, I just always underline capital letters. Always works.

OutlierBlue,

Do you stick them under your keyboard, or to the edge of your monitor?

jaykay,
@jaykay@lemmy.zip

Important ones under the keyboard, passwords 101.

GolfNovemberUniform,
@GolfNovemberUniform@lemmy.ml

Nope, I try to store all of them in one physical file.

mr_pip,
@mr_pip@discuss.tchncs.de

KeePassXC database synced with Syncthing across devices.

absGeekNZ,
@absGeekNZ@lemmy.nz

This is the way.

fine_sandy_bottom,

This is the way, OP. Centralised services are just too much of a target for bad actors.

You already have Syncthing, so you’re most of the way there.

Also, built-in TOTP/2FA is pretty great.

shiftymccool,

Also, built-in TOTP/2FA is pretty great.

I can’t wrap my head around how this is a good idea. Isn’t the idea of MFA to protect against password theft? If your second factor is stored with your password, how does that help anything? Honest question, I see this everywhere but can’t figure out why it’s acceptable with security-minded folks.

fine_sandy_bottom,

Yeah, fair question. IMO it def makes things less secure, but it’s a question of how much less?

As in, if all my passwords are “sexG0d” then 2fa is critically important, but if all my passwords are long and complex and unique then 2fa is still another layer but it’s much less critical.

RobotZap10000,

If someone were to pinch a password through a phishing site or a keylogger, they would still need to unlock your .kdbx file. The way I see it, if an attacker has cracked your database, you already screwed up 20 steps ago (sharing your .kdbx, using a weak password for it, not changing your other passwords). I think that 2FA on a different device is too much of a hassle for how much extra security it can bring.

Kayana,

Late reply, but for me personally, I started doing it because my KeePass database is already accessed using two factors (password and key file). Therefore, I’d gain very little by keeping the second factor of those sites external - essentially, those second factors are compounded into the second factor for the database.

jaykay,
@jaykay@lemmy.zip

I’m not sure if that’s what you mean, but I just export the Bitwarden database as an encrypted JSON and have it backed up in the cloud. I’m not sure why you need the backup synced with all devices tho.

Dymonika,

I guess it’s in cases when I may not be able to use Bitwarden, but… I suppose it can be used everywhere! Clearly, I’m new to this thing, so that’s good to know!

jaykay,
@jaykay@lemmy.zip

Oh, that changes things. So, Bitwarden can be used basically anywhere, as you said. Just log in and there you are. It’s even a website. Their servers would have to die for it to be a problem. But that’s not a real problem actually, as the app keeps a local copy on the device, and every time you open the app it syncs with their servers and updates the vault (database). So the devices are synced by default really. If you want to back it up anyway, there is an “Export vault” button which you can use. If you choose the option with encryption, it’s going to be encrypted with the master password, I think :)

PS: Bitwarden (the company) stores only the encrypted version on their servers, so that’s not an issue either.
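Since the whole point of the synced backup is that a stolen device must not yield a plaintext vault, here is an added example (not code from any poster, Bitwarden or Syncthing) that audits the JSON exports sitting in a sync folder and flags any that still contain readable secrets. The top-level `"encrypted"` flag and the nested `login.password` / `login.totp` field names are assumptions about the general shape of a Bitwarden-style JSON export, and the two sample documents are constructed, not real exports.

```python
"""Audit password-manager JSON exports in a sync folder for plaintext secrets."""
import json
from pathlib import Path

# Field names that would carry a readable secret in an unencrypted export (assumed layout).
SECRET_KEYS = {"password", "totp", "privateKey"}


def find_plaintext_secrets(obj, path=""):
    """Walk parsed JSON recursively; return dotted paths of non-empty secret fields."""
    hits = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            child = f"{path}.{key}" if path else key
            if key in SECRET_KEYS and isinstance(value, str) and value:
                hits.append(child)
            hits.extend(find_plaintext_secrets(value, child))
    elif isinstance(obj, list):
        for idx, value in enumerate(obj):
            hits.extend(find_plaintext_secrets(value, f"{path}[{idx}]"))
    return hits


def classify_export(text):
    """Return 'encrypted', 'plaintext' or 'unknown' for one export file's content."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError:
        return "unknown"  # not JSON at all: could be a .kdbx or some other binary
    # Assumed marker of an encrypted export: top-level flag set and no item list exposed.
    if isinstance(doc, dict) and doc.get("encrypted") is True and "items" not in doc:
        return "encrypted"
    if find_plaintext_secrets(doc):
        return "plaintext"  # readable credentials: must not sit in a synced folder
    return "unknown"


def audit_sync_folder(folder):
    """Return {filename: verdict} for every .json file in a Syncthing folder."""
    return {p.name: classify_export(p.read_text(encoding="utf-8"))
            for p in sorted(Path(folder).glob("*.json"))}


# Constructed samples standing in for a plaintext and an encrypted export.
PLAINTEXT_SAMPLE = json.dumps({"encrypted": False, "items": [
    {"name": "mail", "login": {"username": "me", "password": "hunter2",
                               "totp": "JBSWY3DPEHPK3PXP"}}]})
ENCRYPTED_SAMPLE = json.dumps({"encrypted": True, "passwordProtected": True,
                               "salt": "<placeholder>", "data": "2.<placeholder>|<placeholder>"})
```

Point `audit_sync_folder` at the Syncthing folder and treat any `"plaintext"` verdict as a backup that needs re-exporting with the encrypted option.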

Dymonika,

PS: Bitwarden (the company) stores only the encrypted version on their servers, so that’s not an issue either.

Whew, thanks!! They’re so Signal-level ingenious.

catloaf,

I have encryption enabled on my devices. If they get stolen, a casual thief isn’t going to be able to break it. At most they’ll wipe it, but they’ll probably just fence it as-is or for parts.

joeldebruijn,

I prefer another tactic, if I may share:

  • Database in production: let Bitwarden clients sync the native way Bitwarden offers.
  • Database in backup: let a dedicated backup service keep your database safe.

I don’t know if this could be done automatically (just back up the production database) or if this has to be done by export (by hand once in a while).

It doesn’t matter from which device the backup originates, because the native sync will keep them all the same, usually in seconds.

Frederic,

I’m using pwsafe.org on Linux, then play.google.com/store/apps/details?id=com.jefftha… on Android and this app to sync with Google Drive: play.google.com/store/apps/details?id=com.jefftha…
