a quick note on password managers
Mar. 24th, 2020 11:02 pm
These being a technology I considered suspiciously newfangled, and generally regarded with deep distrust: when I started out with KeePass, with me_and holding my hand, I explicitly did not try to shift everything over into it all in one go.
Instead, I gave myself the opportunity to hate it.
I set things up with the password database and a key file both stored in Dropbox. And then I started out with two passwords in it: my institutional password, which needs changing regularly but typing infrequently, and a financial password, which needs typing fairly frequently but which I wanted to be much higher security than I was managing with just trying to keep everything in my head.
And then every time I needed to log into something that, well, I don't need to log into terribly often -- every time I ended up grumpily hitting the forgot-my-password link -- I generated a new password with KeePass, and gradually moved things over that way.
It is now several years on and... almost everything is now in my password manager. The executive function involved in switching to (and logging into) another program every time I wanted to log in somewhere was a big conceptual barrier to me getting started, but at this point I've got the keystrokes sufficiently ingrained and enough of my life shifted over that, well, it is definitely less hassle than regular password resets were.
I am happy to answer questions about my personal experiences with & approach to all of this if you have any! But my advice basically boils down to "make it as low-stakes as possible, and as easy to back out of as you can, and take it from there".