Do folks in here use password managers, if so which one would you recommend and why? is it just me or are there fewer people in here than usual? I use https://www.passwordstore.org/ . Except I don't and re-wrote it from scratch, but it's completely compatible. mike-burns: there has to be a good story there Doubtful. The official program is written using GNU Bash, and I didn't feel like installing that dependency. I use the Android app, though. It's nice. On Debian I use the official one. mnathani: passwordstore on unix and 1password on mac, both are pretty decent, depends on whether a GUI matters to you. https://qtpass.org/ - this is the passwordstore GUI. It's not bad! mike-burns: what did you rewrite it in? Shell. nice LastPass here. The Android app is pretty great. Their Chrome plugin is pretty terrible, but it works. Their CLI is actually quite nice. 1password mildly disappointed there's no CrOS or Linux client well, the developers do say run it in wine :P mike-burns sjackso mhoran JC_Denton: thanks for your input doesnt having as single master password to unlock all other passwords make for one single point of failure or if that gets compromised folks have access to everything? @weather auckland Auckland, New Zealand: Rain ☂ 57°F (14°C), Humidity: 99%, Wind: From the SW at 5.0 MPH Gusting to 13.0 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=-36.973896,174.878021 or re-request this with: @weather -v auckland mnathani: ssh keys are liket hat a lot of the time people need lots of stupid passwords with various restrictions that make things more complicated i'm a fan of words and numbers combinations as it's easier to remember for a decent length phrase I guess Multifactor Authentication helps to protect the master passwor I use multi-factor auth plus a very long very unique only ever used once password for LastPass. So sure, if someone gets that password and my YubiKey, I'm in trouble. But also I can pretty easily roll all of my creds and also change them on a regular basis. well, it's definitely a SPOF i wish it had some sort of 2FA like U2F *however* i think if you only put your "vault" on machines you trust, you should be okay because if you're owned there with a keylogger or backdoor, imo, you're fucked anyways also, enable 2FA for your email account and never store your email password in your vault. most services can have the password reset/get taken over once they have your email account. if your vault gets owned, you should be able to recover lots of stuff if you still own your email address mercutio: how's akl going, fairly wet down this way gizmoguy: we just had a flash storm that just went away again it was happening about when i did @weather by we, i mean i. i'm sure other parts of auckland the sun is shining in :) my phone notified me it was going to rain tommorow tommroow being today it's weird how google does that yeah google did that for me too the weather forecast has hardly any rain projected for today maybe it was just that mini storm Total rainfall so far today: 3.8 mm. Total rainfall forecast for today: 6.5 mm that doesn't seem a lot but it's damn cold too winter is coming. mmmm how's hamilton? it's actually ok right now very wet from 10am till 12pm That's what she said!! haha heh last year was actually very mild winter here mjp_: i prefer to run my own mail server ;) hardly any storms, the year before was insane JC_Denton: do you have multiple relays etc? just one do you guys have dkim etc setup for your personal mail servers? yep i only sign for a couple of my domains though yeah the complexity has gone up a lot over time