Ich überlege, auf einen »Familien-Passwort-Manager« umzusteigen – also mit separaten Zugängen für alle, aber der Möglichkeit, Zugriffe gezielt zu teilen. Hintergrund ist auch das Thema digitaler Nachlass. Wie regelt ihr das in der Familie? Welche Dienste nutzt ihr, was hat sich bewährt?
#security #password #passwort #sicherheit #passwordmanager #passwortmanager
/kuk
Passbolt docs now cover clear admin guidance on resource metadata encryption. This section includes how to generate a shared key, enabling encrypted and legacy formats, and migrating existing resources. The section is a work in progress and will expand as the feature matures.
Read the admin steps here → https://www.passbolt.com/docs/admin/metadata-encryption/
Having just recently switched my password manager to @keepassxc, this is a very helpful blog post from @markpitblado
How to backup your password vault with KeePassXC
https://www.markpitblado.me/blog/how-to-backup-your-password-vault-with-keypassxc/
#passwordmanager #opensource
Does pass by Jason A. Donenfeld of zx2c4 and wireguard fame support passkeys or have an extension that supports passkeys? And does anyone have experience using a non-internet addressable private git server (local host served from a desktop) to sync to a pass mobile phone client?
I am thinking passkeys are a dead end but the I definitely need a copy of the passwords on my phone.
(Linux news in previous posts of thread)
FOSS NEWS
Mozilla VPN Linux app is now available on Flathub:
https://www.omgubuntu.co.uk/2025/07/mozilla-vpn-linux-app-available-flathub
Bluesky introduces improved notification management:
https://alternativeto.net/news/2025/7/bluesky-improves-notifications-with-activity-alerts-new-notification-controls-and-more/
OBS Studio 31.1 released with multitrack video support on Linux and macOS, preview zoom controls, support for additional canvases for Multitrack Video output, AV1 B-frame support for AMF, support for color format/space/range GPU conversion, new UI settings, etc.:
https://9to5linux.com/obs-studio-31-1-released-with-multitrack-video-support-on-linux
LibreOffice Writer Markdown import support is merged, will be available in LibreOffice 26.2 next year:
https://www.phoronix.com/news/LibreOffice-Markdown-Import
(That will be really useful for me when creating downloadable versions of programming cheatsheets for FosseryWeb, because I can just export the Markdown from Joplin, import it to Writer.)
Geany 2.1 released with improved UI and file type support:
https://9to5linux.com/geany-2-1-open-source-ide-released-with-improved-ui-and-file-type-support
KeePass 2.59 released with native Windows 11 support, faster encryption, enhanced security, improved database portability, browser integration:
https://alternativeto.net/news/2025/7/keepass-2-59-brings-native-windows-11-support-faster-encryption-and-enhanced-security/
Ardour drops GTK+ support in favor of its fork, YTK:
https://www.phoronix.com/news/Ardour-Removes-GTK-Option
Calibre 8.6 released with improved database restore performance, support for the La Presse news source, 'Search "not in"' and 'Filter "not in"' buttons for the Manage Authors and Manage Items options, etc.:
https://9to5linux.com/calibre-8-6-open-source-e-book-manager-improves-database-restore-performance
#Apple erweitert Passwörter-App-Unterstützung für Windows | Mac & i https://www.heise.de/news/Apple-erweitert-Passwoerter-App-Unterstuetzung-fuer-Windows-10483159.html #password #passwords #Passwortmanager #PasswordManager #Passkey #Passkeys
Oh good night. My #passwordManager is the last place I want anyone's AI.
Well, great. Now @bitwarden is going to ad AI bullshit to their services. I left Bitwarden a few months back for different reasons but I'm kind of glad that I did. I switched to @1password@1password.social. If they add AI to their services (are they already?), I'm just going to call it quits on all of them and just move completely to @keepassxc@fosstodon.org. I can simply just host my own with Keepassxc and not have to worry about any AI crap. I'm using Keepassxc now but not for everything. That might change in the very near future.
https://nerds.xyz/2025/07/bitwarden-mcp-server-secure-ai/
#passwordmanager #privacy #security
Researchers in the article “ShieldFlow: A Security Framework for OT Systems” (International Journal of Information Security, Springer 2025) highlight passbolt’s role in helping industries securely manage credentials, demonstrating the relevance of open source tools in operational technology (p. 18).
Check out the book here: https://link.springer.com/article/10.1007/s10207-025-01083-3
Apparently it is utterly impossible to program an app to automatically fill in a password based on subdomain or port.
example.com vs site1.example.com vs example.com:9993
Would love a password manager that recognize those as having different logins. People have been asking for this from 1Password since at least 2013, and their reply is basically, you don’t really want that. Apple Passwords, same issue.
Anyone know of an app that can do this on macOS?
Interested in automating Passbolt deployment through Ansible? There's detailed documentation for installation via Ansible playbook.
This installation method is recommended for experienced users proficient with Ansible and requires a clean Debian 12 or Red Hat 9 server.
Documentation: https://www.passbolt.com/docs/hosting/install/pro/ansible/
GitHub repo: https://github.com/passbolt/passbolt-ansible-playbooks
#Bitwarden: “Hey #Siri, make my #password security smarter”
https://bitwarden.com/blog/bitwarden-ios-app-intents-integration/
Cybersecurity expert Alexandre Blanc recently highlighted Passbolt Android 2.1.0's recent update. He covers performance enhancements and expanded translations, now accommodating users in 13 new languages. Open source as always.
Check out his insights in this post: https://www.linkedin.com/posts/alexandre-blanc-cyber-security-88569022_passbolt-release-note-210-passbolt-android-activity-7345833463536607232-tzvp
Paypal stopping me from using a high entropy 32 character password. Cool and Normal for a company that handles money
Is there a term for the class of "credential storage confusion" #security issues, where the user accidentally saves a password or passkey in a vault they don't actively use (browser, #SSO IdP, #passwordManager, OS)?
One thing that made me think of this is having to go through a separate step (like "use a different device") on Android to avoid enrolling the phone as passkey.
I can see how users spread active credentials across multiple services which seems like a massive #infosec issue to me...
What do you guys think of the new 2FAS #passwordmanager ?
In May 2025, Cybersecurity firm Cure53 performed a white-box security audit on Passbolt v5.1, covering the browser addon and API.
The audit confirmed passbolt's overall security posture is robust, with no critical vulnerabilities found. The report included important recommendations around enhancing data integrity mechanisms.
Results of the security audit and report are publicly available at: https://www.passbolt.com/incidents/passbolt-v5-1-security-audit-results
#OpenSource #SecurityAudit #PasswordManager #CyberSecurity