483994de2c11cb859ead5c73787dba1de6c8d147 — Gregory Chamberlain 7 months ago c35b3a1
Add password management recommendations
3 files changed, 118 insertions(+), 0 deletions(-)

A env/recommended.md.sh
M src/index.html.sh
A src/recommended.md
A env/recommended.md.sh => env/recommended.md.sh +1 -0
@@ 0,0 1,1 @@
title='Recommended Hardware And Software'

M src/index.html.sh => src/index.html.sh +4 -0
@@ 21,6 21,10 @@

. share/lib.sh

cmark <<EOF
*New:* [Recommended hardware and software](/recommended.html).

x h2 Posts

find src/article -type f | sort -r | while IFS= read -r item
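Review bot: the heredoc opened by `cmark <<EOF` has no closing `EOF` line in the lines shown before `x h2 Posts`, so as written the shell would feed the rest of the script to cmark as Markdown; put the terminator on its own line directly after the *New:* paragraph. Since the body is static Markdown, quoting the delimiter (`<<'EOF'`) would also keep the shell from expanding any `$` or backticks that end up in that text later.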

A src/recommended.md => src/recommended.md +113 -0
@@ 0,0 1,113 @@
This page is a curated collection of computer hardware and software
that I recommend to people.  I have thoroughly researched and
personally used every item on this list.

<small>This is not a comprehensive list, but I will add to it over
time.  You can check the [history of this page] or [subscribe via RSS]
to all changes made across the site.</small>

  [history of this page]:
  [subscribe via RSS]:

# Software

All applications listed here are free software, meaning they are
released under [freedom-respecting licenses].

## Password manager

*Don’t reuse passwords.* Use a *strong*, *unique* password for each
online account.  Aim for 13 or more randomly generated characters
including letters, numbers and punctuation.  Anything shorter than 8
can be cracked in milliseconds, and even passwords longer than 20
characters can be vulnerable to dictionary attacks.

<small>I advise against using password managers that are built
directly into your web browser since that restricts your choice of web
browsers going forward.</small>

### Pen and paper

The simplest method is not to use software at all!  Literally write
your online passwords in a private notebook and keep it in a safe
place; for example, a locked drawer in your bedroom.

<small>I realise pen and paper is plain text, but for tech illiterates
who don’t trust themselves to store passwords digitally in a safe way,
it is surprisingly effective.  Cybercriminals are seldom burglars and
vice versa.</small>

This method is not perfect though.  It is prone to shoulder surfing
and theft.  Also, if your house burns down or is flooded then your
passwords may forever be lost.

### Bitwarden

[Bitwarden] is a free/libre password manager suitable for computer
users both novice and experienced.  There are clients available for
all major web browsers and operating systems, desktop and mobile.

All your data is encrypted and stored securely on a remote server
where you can’t lose it—just don’t forget your master password!

<small>The canonical instance of Bitwarden (i.e. not self-hosted)
offers paid plans, but for most individuals the free plan is

Licensed under the [GNU GPLv3] client-side and [AGPLv3] server-side,
Bitwarden is a freedom-respecting replacement for popular [malware]
such as LastPass and Dashlane.

  [Bitwarden]: https://bitwarden.com

### Pass

For advanced users who are comfortable using the Unix shell, managing
a personal PGP key pair and maintaining backups, I recommend
[pass]—appropriately dubbed “the standard Unix password manager.”

<small>For an even simpler, POSIX-compliant program: try [pash]
(licensed [MIT/Expat]).</small>

In addition to the included [`passmenu`] script, I like to use the
[Browserpass extension] (via Debian’s [`webext-browserpass`]) to
retrieve passwords from my `~/.password-store/` and auto-fill login
pages in Firefox.  It is distributed under the [ISC license].

Pass is licensed under the [GNU GPL, version 2][GPLv2] or later.

  [pass]: https://passwordstore.org

  [pash]: https://github.com/dylanaraps/pash
    "Simple password manager using GPG written in POSIX sh"

  [`passmenu`]: https://git.zx2c4.com/password-store/tree/contrib/dmenu/passmenu

  [Browserpass extension]: https://github.com/browserpass/browserpass-extension
    "Browserpass web extension at GitHub"

  [`webext-browserpass`]: https://packages.debian.org/stable/webext-browserpass
    "Debian package: web extension for the password manager pass"

<!-- --- -->

  [freedom-respecting licenses]: https://www.gnu.org/licenses/ 
    "Information provided by GNU about licenses"

  [GNU GPLv3]: https://www.gnu.org/licenses/gpl-3.0.en.html
    "GNU General Public License"

  [AGPLv3]: https://www.gnu.org/licenses/agpl-3.0.en.html
    "GNU Affero General Public License"

  [malware]: https://www.gnu.org/proprietary/
    "Proprietary Software Is Often Malware"

  [GPLv2]: http://www.gnu.org/licenses/gpl-2.0.html
    "GNU General Public License, version 2"

  [MIT/Expat]: https://directory.fsf.org/wiki/License:Expat

  [ISC license]: https://www.isc.org/licenses/
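Review bot: in the Bitwarden section the `<small>` that opens "The canonical instance of Bitwarden" is never closed and its sentence stops at "the free plan is", so the small styling can leak into the paragraphs that follow and the point about paid plans is lost; finish the sentence and add `</small>`. The reference definitions `[history of this page]:` and `[subscribe via RSS]:` near the top have no URL, so those two links will not resolve. In the password manager intro, "even passwords longer than 20 characters can be vulnerable to dictionary attacks" follows directly after the advice to use randomly generated characters; say that it applies to passwords built from words or phrases, otherwise it reads as contradicting the recommendation.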