On Mon, 26 Mar 2018 21:02:48 -0400 rhkra...@gmail.com wrote: > Thanks to all who replied! > > I thought I'd summarize where I am: > > I like three of the suggestions (from what I've seen / investigated > (slightly) so far, but with some comments: > > * pass: appeals to me a lot--the one problem for me (for which I > believe I've found the solution) is that it stores the encrypted > password files in my /home. I have what might be called a > "religious" aversion to storing what I consider "real" user data > in /home. I've looked at the source code, and I see where $HOME is > used to create that directory. If I use pass, I will, at the very > least, modify that in my own copy, but also write to the author and > suggest that he allow a command line parameter (or config file) > change the location of the directory. > > * I like the approach that http://masterpasswordapp.com/ takes to > create passwords and, iiuc, recreate them each time they are needed > rather than storing them anywhere. I'll read up a little more on > that. > > * I haven't spent much time on keepass--maybe in the next day or so > > * I also like the approach suggested by Abdullah Ramazanoglu (and > the somewhat similar Diceware), but I almost didn't find the emails > from Abdullah-- for some reason my email client did not receive > them--I've done a search of all the local email files (on my > computer) (including trash, which I have not emptied in the last > several days), and I've searched the Google email spam, trash, and > all folders. I'll be digging into this and possibly seek help in a > new thread. >
Something I haven't seen mentioned: KeePassX does a kind of poor man's two-factor authentication, allowing the use of both a password and an arbitrary file in its encryption. So it's possible to store the file on your computer(s) and carry the database itself on a USB key, meaning that if either is lost or stolen, there is a bit less urgency in changing all of your passwords. A couple of offline backups of both, of course, should also be kept. -- Joe