~chambln/cosine.blue

ref: dd51d7651ed0ddea7f39d41b9cc0538e94beb2fb cosine.blue/src/recommended.md -rw-r--r-- 4.1 KiB
dd51d765Gregory Chamberlain Transpose paragraphs 8 months ago

This page is a curated collection of computer hardware and software that I recommend to people. I have thoroughly researched and personally used every item on this list.

This is not a comprehensive list, but I will add to it over time. You can check the history of this page or subscribe via RSS to all changes made across the site.

#Software

All applications listed here are free software, meaning they are released under freedom-respecting licenses.

#Password manager

Don’t reuse passwords. Use a strong, unique password for each online account. Aim for 13 or more randomly generated characters including letters, numbers and punctuation. Anything shorter than 8 can be cracked in milliseconds, and even passwords longer than 20 characters can be vulnerable to dictionary attacks.

I advise against using password managers that are built directly into your web browser since that restricts your choice of web browsers going forward.

#Pen and paper

The simplest method is not to use software at all! Literally write your online passwords in a private notebook and keep it in a safe place; for example, a locked drawer in your bedroom.

I realise pen and paper is plain text, but for tech illiterates who don’t trust themselves to store passwords digitally in a safe way, it is surprisingly effective. Cybercriminals are seldom burglars and vice versa.

This method is not perfect though. It is prone to shoulder surfing and theft. Also, if your house burns down or is flooded then your passwords may forever be lost.

#Bitwarden

Bitwarden is a free/libre password manager suitable for computer users both novice and experienced. There are clients available for all major web browsers and operating systems, desktop and mobile.

All your data is encrypted and stored securely on a remote server where you can’t lose it—just don’t forget your master password!

The canonical instance of Bitwarden (i.e. not self-hosted) offers paid plans, but for most individuals the free plan is plenty.

Licensed under the GNU GPLv3 client-side and AGPLv3 server-side, Bitwarden is a freedom-respecting replacement for popular malware such as LastPass and Dashlane.

#Pass

For advanced users who are comfortable using the Unix shell, managing a personal PGP key pair and maintaining backups, I recommend pass—appropriately dubbed “the standard Unix password manager.”

For an even simpler, POSIX-compliant program: try pash (licensed MIT/Expat).

Pass is licensed under the GNU GPL, version 2 or later.

In addition to the included passmenu script, I like to use the Browserpass extension (via Debian’s webext-browserpass) to retrieve passwords from my ~/.password-store/ and auto-fill login pages in Firefox. It is distributed under the ISC license.