I’m now finally switching away from Windows, bought a new SSD and just set it up, and now I’ve hit a bit of a snag.
I’m using KeePass for password management, but I have my database up on iCloud. The reason for this is because I also have a iPhone and MacBook from which I need to access my passwords and this has been weirdly the most trouble-free and convenient option thus far.
But in the spirit of liberation (and because I don’t want to have to deal with web-based file management) I thought I’d ask around what some good options are. I am renting a VPS so that could be one option, but there I’m also a bit worried about data loss (for example if I stop paying, which is less of an issue since iCloud is free, or they go out of business. yeah I get that Apple bad but they’re a lot less likely to go out of business soon (not that Hetzner is on the verge of bankruptcy but thats my thinking)).
The easiest option would be to just keep it all on my main PC and periodically sync from the other clients, the only issue here is that if my PC is shutdown and I’m not home (which rarely happens luckily) and I haven’t synced recently, I’m fucked.
Option 3 would be to get the stanky raspi I have laying around running, but omg I think it would be more reliably if I just memorized all passwords myself.
Option 4 would be the same as 3 but with the Steam Machine. Which would mean deferring this issue until (or if) they release.
And I’m open to hearing more options that you would recommend.
Depends on how many copies you want, how willing you are to maintain it, and how much you want to risk your database being copied.
Well ideally having it on a VPS would give me on-the-go access to the most recent copy, which might not be as important if continuous background sync between my home PC and iOS really works with syncthing.
Having someone steal my keepass database file would be suboptimal, but not the end of the world. I don’t think (or at least I really hope) that current tech can’t brute-force keepass databases.
Sure they can, but as long as you picked a secure password it ought to take them long enough to make it impossible, in practical terms. Nobody is gonna spend years trying to break the encrypted database of some random Internet user, especially when it might be five or five hundred years till you pop it, and you don’t know which until it’s done.