Security and convenience are opposites. You have to decide if you want a local-only manager that is more secure, a sync service like syncthing that you can set up yourself, or a third-party cloud app like LastPass (which has been compromised at least once that I know of).

Personally I just do all my email and banking on my desktop at home, and it's actually only inconvenienced me a few times over the years.

[–] Hexarei@programming.dev 1 points 11 months ago

I store mine in a selfhosted Nextcloud instance accessible only via a Nebula overlay network (alternative to tailscale) and it's both convenient and secure.

[–] Paradachshund@lemmy.today 1 points 11 months ago (1 children)

Sticking to desktop only wouldn't be realistic for me unfortunately. Sounds like the solutions aren't quite there yet for an average user.

[–] 0xD@infosec.pub 2 points 11 months ago* (last edited 11 months ago) (1 children)

They are, just use a normal one (I use bitwarden) that you can access from everywhere and protect it with 2FA.

The goal is to have varied, secure passwords across everything.

[–] Paradachshund@lemmy.today 1 points 11 months ago

I've heard a lot of people mention that one so I think I'll check it out. Thanks for recommendation.

[–] itslilith@lemmy.blahaj.zone 1 points 11 months ago

the only thing that gets less secure is more devices potentially compromised, but the act of syncing shouldn't make it more dangerous by itself (if using a key file or a master password too long to be reasonably cracked), right?

or am I missing something?