Google: Don't use a password from another site, or something too obvious like your pet's name.
Me: 5f4dcc3b5aa765d61d8327deb882cf99

(that's the MD5 of "password")

Just a suggestion: https://www.passwordstore.org/

What's md5?

@tracktraps I use lastpass, personally. I've heard of password store, but I've used lastpass for ages and I prefer the browser integration.

Disclaimer: None of my passwords are, "password", or any hashed version of any variation of "password"

@bcye it's a hashing algoritgm. A couple of relevant videos: https://youtu.be/yoMOAIzBSpY and https://youtu.be/8ZtInClXe1Q and https://youtu.be/b4b8ktEV4Bg

@potluck The site may be outdated, but it is still in active development: https://git.zx2c4.com/password-stor...

It is also in the repos of all main distros, e.g. https://archlinux.org/packages/...

Keypass does the job for me, encrypted database file is synced over Resilio via my Raspberry Pi :)

+1 for keepass. I've been using it for almost 15 years, and I put everything in it. Passwords, of course, but lots of other stuff too. Insurance policies, ssh keys, my car's VIN, useful commands, security questions, and more. It is a centerpiece of my workflow.

@bahua Absolutely. An encrypted notebook storage solution with find-as-you-type.

And +1 for corrected spelling; it is indeed Keepass not Keypass..

@retnikt I don't find LastPass secure enough. One time I used it to log into a clients site and then my browser prompts me if I want to save it. So as a test I did and then if I check my managed passwords, I could see the password in plain text.

So if you are sharing your lastpass, chances are they could get your password anyways.

i'm investigating some password tools. Keepass / lastpass seem perfect for general consumer usage. Anyone experience with www.vaultproject.io ? It seems like a perfect tool from a developers perspective.

Relevant xkcd:
https://xkcd.com/936/

@p0s1x Vault is perfect for development and production, but it isn't a replacement for keepass/lastpass/...

https://hub.docker.com/_/vault/

@Trablarer Nothing against keepass, but I prefer a solution that is not tied to a particular software. Pass (passwordstore.com) saves everything into individual files, which can be decrypted even without pass. (they are simple gpg encrypted files).

This is a bad idea. You'll write it down and it'll be even easier to find than a bad password.