
Does anyone know of a good SELF-HOSTED Password Manager, preferably open source, that works acro...


G+_Darryl Gibbs

Does anyone know of a good SELF-HOSTED Password Manager, preferably open source, that works across Android, Windows and Linux? I know that no piece of software is infallible, but I see that even some of the popular services (like 1Password and LastPass) have vulnerabilities, and I would prefer to keep control over all my info.

 

Does such a utopia exist?


I use and love KeePass. Everything is stored in a vault that you hold and you're responsible for syncing that across devices. I believe it uses AES encryption and you can set the number of hashes (defaults to 5,000, I think).

 

I've used the apps on Android, iPhone, and Windows. Auto fill isn't near as convenient on Android as what LastPass offers, but it's better than either can do on iPhone. On Windows (probably Linux and Mac too) it uses an auto-type, so not susceptible to clipboard vulnerability.

 

Probably the best option I know of at this time.


I honestly use LastPass for most stuff. It makes it a lot easier to share logins with my wife.

 

Yes, I use 2FA where possible. I'm not worried about anyone hacking my KeePass because they would first need to get hold of the database then they'd have to take a few million years to brute force the password.

 

I'm kinda curious about the "KeeWeb". Seems like it would be a nice addition to a home "cloud" server.


Darryl Gibbs When I think of a home server, I don't usually think of very high specs. A Synology NAS is usually more than plenty for most.

 

Mine is a 9 year old Core 2 Quad with 7 GB RAM (I've just added RAM as I could find it). Storage is currently a shameful mess with old laptop drives hanging by power cables.

 

We have 200×20 Mbps service from Time Warner/Spectrum, so that's sufficient for most of my needs. I wouldn't invite strangers to hit my home servers, but sending a family member or friend a link to something on ownCloud or streaming Plex remotely is just fine.


I do this all the time. Here's my setup.

 

I use KeePass 2 for my password manager. I store my kdbx file on my ownCloud instance. Any cloud-based file storage that supports WebDAV works well. The main reasons I use KeePass 2 are these: great concurrent edit support, secure file storage, good cross-platform support, and possible browser integration via plugins.

Then I protect the kdbx file with both a password and a key file. The kdbx file stays on the cloud storage for easy synchronization. The key file is NEVER put in the cloud storage. It is transferred to trusted devices via some other method, SCP for example. This way, even if the cloud storage is compromised, an attacker wouldn't have the key file.

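An added example, not part of the post above or of any KeePass tooling: a Python check for the layout that post describes, where the kdbx file lives in synced storage and the key file must never end up there. The function names, paths and demo data are hypothetical and constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def audit_key_file(key_file: str, sync_root: str) -> list[str]:
    """Return findings; an empty list means the key file is kept apart from the sync folder."""
    findings = []
    key = Path(key_file).resolve()   # follow symlinks before comparing locations
    root = Path(sync_root).resolve()
    if key.is_relative_to(root):
        findings.append(f"key file lives inside the synced folder: {key}")
    if os.name == "posix" and key.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"key file is accessible to group/other: {key}")
    digest, size = sha256_file(key), key.stat().st_size
    for p in root.rglob("*"):
        # A renamed copy (or a symlink to the key) still exposes it: compare content.
        if p != key and p.is_file() and p.stat().st_size == size \
                and sha256_file(p) == digest:
            findings.append(f"copy of key file found in synced folder: {p}")
    return findings


if __name__ == "__main__":
    # Constructed layout: a synced folder with the vault, and a key file kept elsewhere.
    with tempfile.TemporaryDirectory() as tmp:
        sync = Path(tmp, "owncloud")
        sync.mkdir()
        (sync / "vault.kdbx").write_bytes(b"constructed vault bytes")
        key = Path(tmp, "local", "vault.key")
        key.parent.mkdir()
        key.write_bytes(os.urandom(32))
        key.chmod(0o600)
        print(audit_key_file(str(key), str(sync)))
        (sync / "notes.bin").write_bytes(key.read_bytes())  # accidental copy
        print(audit_key_file(str(key), str(sync)))
```

Run it on each trusted device after copying the key file over, pointing `sync_root` at the local folder the sync client uploads from.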

I'm using Enpass. It's free for desktop and a one time purchase for mobile. You can try it for free with limited access to passwords on mobile.

 

It's not open source, but the encryption is. You store your password file encrypted on any number of services, and Enpass automatically syncs it across platforms.

 

For me, it strikes a good balance of security and ease of use.
