Skimming through most answers I’d like to add my own solution for password management. This will likely take you a bit of time the first time, but after that I think it’s trivial to manage (or migrate to a solution provided by others)
Basically I have a master password tied to an identity file (or KEY), and use this key to encrypt and my passwords to keep on local drive (1 file 1 password).
This leverages age, an encryption program and protocol by FiloSottile, so that every password uses post-quantum encryption (if you care for that), and can be stored on-device or on cloud without worrying for data leaks.
To give some details:
i made a KEY identity file using a passphrase (which is thus my master password)
then I simply wrote my username and passwords into txt files, each named after the service which covers (i.e. amazon.txt has my amazon username and password)
as third step I encrypt each file using the KEY, so that to view the content I need both the KEY file and the passphrase
last, i copied each encrypted file on a cloud service, for backups, and moved the key file to a usb
Therefore to decrypt a file (to see my logins) I plug in the usb (acting as a yubikey of sort, but I’m poor), via the age cli I insert the passphrase and voilà…
This seems bothersome at first, but I can securely manage password and ifnI were ever to switch to bitwarden or something else, I just need to batch decrypt my pass files (a for loop does the job, pastinf the same passphrase each time)
Skimming through most answers I’d like to add my own solution for password management. This will likely take you a bit of time the first time, but after that I think it’s trivial to manage (or migrate to a solution provided by others)
Basically I have a master password tied to an identity file (or KEY), and use this key to encrypt and my passwords to keep on local drive (1 file 1 password). This leverages age, an encryption program and protocol by FiloSottile, so that every password uses post-quantum encryption (if you care for that), and can be stored on-device or on cloud without worrying for data leaks.
To give some details:
Therefore to decrypt a file (to see my logins) I plug in the usb (acting as a yubikey of sort, but I’m poor), via the age cli I insert the passphrase and voilà… This seems bothersome at first, but I can securely manage password and ifnI were ever to switch to bitwarden or something else, I just need to batch decrypt my pass files (a for loop does the job, pastinf the same passphrase each time)