@b33fpebble @jnbhlr @yassie_j personally, I think that tools like https://enpass.io work well as that they offer #AutoFill only on legitimate or rather known domains, so #Typosquatting-based #Phishing doesn't work.

Plus they don't do fully-automatic auto-filling but rather expect the user to choose the credentials in an overlay offered by the extension.

So it's not as if one can provoke logins just with an HTTP(S) request.

Even then #Enpass still demands one to enter a Password or PIN.

@roywig @thatandromeda @leak it is "good enough", cuz we ain't 15 years ago where eberything needed archaic commands.

#Thunderbird integrates #OpenPGP / #GnuPG out of the box for some time.
#Gaijim & #MonoclesChat do support #XMPP - #OMEMO and #PasswordManagers like #Enpass are so easy, it literally took me 5 minutes to explain the use and setup a complete #Noob in it.

People aren't stupid, they are lazy and get groomed into being #TechIlliterate #Consoomers...

That is the problem!

@JorisMeys @androcat

Or you could just set it up for them once [incl. a #PasswordManager to store the credentials - https://enpass.io / #Enpass is an option if #KeePassXC / #KeePassDX is "too complex" to use] and get it over with...

Maybe people hate me at the beginning for being a Benevolent Dictator but over time they all came around and understood...

@wolfram_roesler @sindastra Same here, #Nextcloud rules. Using #Enpass instead of KeePass but the same principles apply.

@sindarina @1password well, @enpassapp@bird.makeup / #Enpass does allow differenciating said secrets as well as excluding them from "strenght checks"...

@Lunatech THIS is why I use #Enpass...

All those shitty "#Cloud" & #SaaS options really piss me off...

Because there is no cloud, only other corporations' servers.

Also I think #SelfHosting - like #SelfCustody is such an elemental User Right that I flatout refuse to use shitty software that denies me that level of control!

@ReginaMuehlich
1. #Passwortmanager ohne #Cloud (-Zwang!) nutzen (egal ob #KeePassXC / #KeePassDX oder #Enpass o.ä.

2. Sichere Passwörter erstellen (soehe https://github.com/kkarhan/misc-scripts/blob/9f67c4fdcda61f1ca91c70597732c492af460c33/bash/.bash_aliases#L5 ).

3. Zeug nur vollverschlüsselt speichern!

@calculsoberic #Enpass's desktop app only requires registration once.

I'm planning to buy the full, one-time price cuz I hate subscriptions.

And @nextcloud is something one can self-host.

Also Enpass can sync to anything - including random folders you can write into...

@foss_android #Enpass (since it's really multi-platform and easy to use for #TechIlliterate "#normies") and #KeePassXC + #KeePassDX.

@Sebastian @iX_Magazin Ich selbst empfehle ja #Enpass für #TechIlliterates / "#Normies" die nicht #KeePassXC / #KeePassDX oder distributionsspezifische Tools.nutzen wollen oder können.

Vorallen weil's ohne #Cloud - #Bullshit oder #Abozwang kommt.

@Anti-authoritarian Use a good #PasswordManager like #Enpass or do #rsync over #ssh to a secured & fully-encrypted system?

@bryanbrake @docRekd also #Enpass - like #KeePassXC & #KeePassDX can sync vaults and thus allow for easy exchange of said credentials if needed, which is something I use constantly because one needs to be able to change credentials and seamlessly update them...

@bryanbrake @docRekd For #TechIlliterates and #Normies who need an idiot #PasswordManager I can recommend #Enpass since it doesn's solely run on #Windows, #macOS & #iOS but also #Android and #Linux.

It just works and integrates seamlessly with an extension into the Browser.

I disrecommend using the Browsers' password storage as the Browser is the most attacked surface that isn't MicroShit Bloatware / Govware

@sindastra @clarity99 well guess what?

If I'm gonna use any software, I've to comply with the TOS for their licensing.

Also my use-case may not strictly be "personal" & "non-commercial"...

So yeah, that isn't a wrong choice...

Also #Enpass doesn't charge me or any of it's users for #SelfHosting and in fact they host no data outside of licensing and support inquiries.

https://www.enpass.io/pricing-business/

@sindastra IDK.
I use #Enpass because unlike #BitWarden they don't charge for #SelfHosting (just why they do it is beyond me!) and all vaults are locally...

@amshepherd still, #1Password has the same core issue: #data can only be stolen if they have access to it and/or host it.

That's why I recommend using #Enpass or #KeePassXC / #KeePassDX instead:
Only data you've given to others can be breached.

@risottobias personally I prefer #KeePassXC / #KeePassDX and #Enpass...

@leatherface thanks for the suggestions! Im not very familiar with #Keepass #Enpass #Passman or #Passwords I’ll have to look into them further :blobcatthx:

@nixCraft OFC one should always use a #PasswordManager.

Besides #KeePassXC & #KeePassDX there's als #Enpass if one needs something truly cross-platform and with near-zero learning curve for #TechIlliterates...

Unlike those "cloud"-based password managers, you have control over the data.

@epixoip @sc00bz Q: Why did yu not recommend solutions.that let the user control where the data is stored (i.e. https://enpass.io / #Enpass ) or that are FLOSS (i.e. #KeePasssXC / #KeePassDX)?