I rely on Bitwarden (slooowly migrating from… a spreadsheet…) and am thinking of keeping a master backup to be SyncThing-synchronized across all my devices, but I’m not sure of how to secure the SyncThing-synchronized files’ local access if any one of my Windows or Android units got stolen and somehow cracked into or something. I’m curious about how others handle theirs. Thanks in advance for sharing!

  • fine_sandy_bottom@discuss.tchncs.de
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    This is the way OP. Centralised services are just too much a target for bad actors.

    You already have syncthing so most of the way there.

    Also built in TOTP / 2fa is pretty great.

    • shiftymccool@programming.dev
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      Also built in TOTP / 2fa is pretty great.

      I can’t wrap my head around how this is a good idea. Isn’t the idea of mfa to protect against password theft? If your second factor is stored with your password, how does that help anything? Honest question, I see this everywhere but can’t figure out why it’s acceptable with security-minded folks

      • Kayana@ttrpg.network
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        Late reply, but for me personally, I started doing it because my Keepass database is already accessed using two factors (password and key file). Therefore, I’d gain very little by keeping the second factor of those sites external - essentially, those second factors are compounded into the second factor for the database.