Privacy

31284 readers

998 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

Autofill-focused password manager? (feddit.de)

submitted 1 year ago by Pantherina@feddit.de to c/privacy@lemmy.ml

13 comments fedilink hide all child comments

Thanks for all the comments. Currently I use KeepassXD/DX + Syncthing.

I hash my password with fingerprint on Android, keep a seperate database containing that one in another place for backup. Maybe thats stupid, but I cant type on a phone.

On Linux I use KWallet, store the Keepass password there, and have a shortcut fetching that password and inserting it into the Keepass wallet using KeepassXC. Works with one click too.

Problems

all entries are either locked or unlocked
to have autofill working, the app cant be killed (Android)
also, all passwords need to be decrypted for it to work

I dont see that this is the best solution. Decrypted, maybe hashed metadata possible to detect autofill fields, and then selectively unlock the needed credentials, would be better.

you are viewing a single comment's thread
view the rest of the comments

[–] Vexz@kbin.social 2 points 1 year ago* (last edited 1 year ago)

No, it doesn't. I just tested it. I restarted my phone to make sure Bitwarden is closed, Opened the browser and opened a website where I have an account. In the login mask where I was prompted to insert my credentials the little popup appeared and when I tapped on it Bitwarden opened. It wanted me to enter my Master-Password so I did just that and it opened the DB to offer me the entries for auto-fill. You can even set a preference to immediately lock the DB after a single use and to always prompt the Master-Password (+ 2FA (optionally)) if you want.

Edit: Hell, you could even make it completely sign you out after every single use so you'd have to re-enter your email address, Master-Password and TOTP for 2FA. Not even KeePass offers you that level of security because you don't need a username for your DB.