Any explanation of Why to not store passwords in plaintext and encrypt folder in zip archive (I guess U cant break pass?) Pls don’t be agressive!!

  • algernon@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    11 months ago

    Very bad, because the usability of such a scheme would be a nightmare. If you have to unzip the files every time you need a password, that’d be a huge burden. Not to mention that unzipping it all would leave the files there, unprotected, until you delete them again (if you remember deleting them in the first place). If you do leave the plaintext files around, and only encrypt & zip for backing up, that’s worse than just using the plaintext files in the backup too, because it gives you a false sense of security. You want to minimize the amount of time passwords are in the clear.

    Just use a password manager like Bitwarden. Simpler, more practical, more secure.

  • tatterdemalion@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    11 months ago

    If your goal is to “self-host” a password manager, you might as well use Keepass + SyncThing.

    • free software
    • master password protected
    • has organization and auto-fill features
    • can sync across multiple devices

    Usually the downfall of rolling your own password manager is it’s easier to make mistakes and accidentally lock yourself out. Or if you don’t keep backups/replicas then you could easily lose your passwords.