I don’t want to store all my eggs in one basket. Already use a password manager but don’t want to store it there.

Any suggestions?

  • DessalinesA
    link
    fedilink
    arrow-up
    16
    ·
    3 years ago

    Already use a password manager but don’t want to store it there.

    Why? That’s what a password manager is made for. You might as well just not use one if you’re afraid it could be compromised.

    • pineapple@sopuli.xyzOP
      link
      fedilink
      arrow-up
      5
      ·
      3 years ago

      yeah, I get you but keeping passwords and recovery codes and tokens all together doesn’t seem like a good idea to me.

    • Sr Estegosaurio
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      I have a password + usb key to unlock my passwords. So… in some way it stills some kind of 2FA? (obviously not as secure, but way better than having them on plaintext. I will also plan to make a paper backup of all)

  • murky
    link
    fedilink
    arrow-up
    7
    ·
    3 years ago

    If you choose the physical approach to print them out on paper, a good hiding place would be an inconspicuous-looking book in your bookshelf

  • AgreeableLandscape
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    3 years ago

    This probably shouldn’t be your primary storage, but for an easy and reasonably reliable backup, set up LUKS or Veracrypt encryption on a good, brand name flash drive or SD card and store all your passwords and keys/codes there. You can get almost any password manager to give you a CSV or txt file with all the data in your account. Put the drive somewhere safe and out of the way, not plugged in anywhere unless you’re actively accessing it.

      • pinknoise
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        Imo thats the most comfortable solution. Just be sure to keep multiple such backups (ideally at different locations) and check them regularly.

  • ⁠ ︎
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    3 years ago

    In my mind, the one place that can’t be easily compromised… at least not yet.

  • Sr Estegosaurio
    link
    fedilink
    arrow-up
    3
    ·
    3 years ago

    I use KeePass (+ syncthing to sync with my phone) to manage all my passwords, 2FA, Recovery codes & additional info… etc

    I would recommend it (or even a selfhosted version of BitWarden). But if you do not like that solution you could always create an encrypted container like a tomb or a veracrypt one. I really like tombs for storing things, but is GNU/Linux only so if you need to use it on other systems…

      • Sr Estegosaurio
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Really well! I want to try to sync out things with git too. But I would recommend it to anyone bc is dead simple.

      • m-p{3}
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        Syncthing is one of the few software I can set up and actually forget it’s running and doing it’s thing perfectly in the background. It even auto-update itself.

  • GadgeteerZA
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    3 years ago

    I use my password manager as less room for error

  • obsolete29@sopuli.xyz
    link
    fedilink
    arrow-up
    2
    ·
    3 years ago

    At this time I store them in my password manager (keepass) but I get what you’re saying. You’d only need the recovery key if you lost access to your password.

    Something to improve for sure.

  • flbn
    link
    fedilink
    arrow-up
    2
    ·
    3 years ago

    i have a contact book with important people’s phone numbers, addresses, and birthdays. i figured i’ll never fill it out so i have some important ssh keys and my backup codes in the back, working the opposite way of “standard” writing.

    • kazutrash
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      My passwords are storaged in a book and encrypted through single tags related to my personal life written in japanese .

      If I forgive my passwords i just need to guess them. There’s no way someone can hack a book, know my personal life and be able to read japanese simultaneously.

    • flbn
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      also, this contact book looks exactly like the other 90123570 journals i have, with one discernible characteristic if you look close enough. it feels safe hanging out with the other journals. hiding in plain sight, i suppose.