aes256-offline VS Bitwarden

Make a hidden Veracrypt vault on cold computer. Inside the Veracrypt vault save Keepassxc vaults. Store your seeds inside the Keepassxc vaults. For a paper backup, encrypt your seeds using an offline AES256/512 text encryptor/decryptor. Encode the encrypted text using an offline qrcode generator. Print out the qrcode. Test recovery using a dummy wallet. Be sure you can scan and decrypt. Bonus: Laser etch the qrcodes on metal plates. Make a multi-factor recovery vault, in case you forget your passwords. Shimar's secret sharing scheme is a useful tool for making your recovery vault. Never store your seed unencrypted anywhere, ever. Never input your seed on an online computer, ever. Always protect your seeds with something you know (password), something you have (vaults and keyfiles). Do not upload your vault to the cloud. Keep backups in multiple locations. Necessary tools: Cold computer: Any old computer will do. Just physically disable network access. Veracrypt: https://www.veracrypt.fr/code/VeraCrypt/ KeepassXC: https://keepassxc.org/ Cross-platform, open-source text string encryptor. https://github.com/a3diti/aes256-offline/ Cross-platform, open source QR code generators: https://kazuhikoarase.github.io/qrcode-generator/js/demo/ https://github.com/amanuel/JS-HTML5-QRCode-Generator https://github.com/nayuki/QR-Code-generator Shamir's Secret Sharing: https://github.com/paritytech/banana\_split

Cross-platform, open-source text string encryptor. https://github.com/a3diti/aes256-offline/

Necessary tools: Cold computer: Any old computer will do. Just disable network access. Veracrypt: https://www.veracrypt.fr/code/VeraCrypt/ KeepassXC: https://keepassxc.org/ Cross-platform, open-source text string encryptor. https://github.com/a3diti/aes256-offline/ Cross-platform, open source QR code generators: https://kazuhikoarase.github.io/qrcode-generator/js/demo/ https://github.com/amanuel/JS-HTML5-QRCode-Generator https://github.com/nayuki/QR-Code-generator Cross-platform, open-source text string encryptor. https://github.com/a3diti/aes256-offline/ Shamir's Secret Sharing: https://github.com/paritytech/banana\_split

For passwords and 2FA I use Bitwarden in combination with a self-hosted Vaultwarden service (for imcreased security and use of pro features for free).

First it's good to use a password manager, however it's not a good idea to use the one built into your browser. I would suggest switching to BitWarden or similar (not LastPass).

I just noticed today when relogging in on Bitwarden (I couldn't sync my vault) that it said "Logged in as [email] on __$2__" instead of "Logged in as [email] on bitwarden.com". I don't know why or how that happened, and I have no idea what it means. Did I screw up somehow? Just to be clear, I did login and just after I logged in my brain realized that it said "__$2__" instead of what it should say.

bitwarden:~$ sudo ./bitwarden.sh updateself _ _ _ _ | |__ (_) |___ ____ _ _ __ __| | ___ _ __ | '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \ | |_) | | |_ \ V V / (_| | | | (_| | __/ | | | |_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_| Open source password management solutions Copyright 2015-2023, 8bit Solutions LLC https://bitwarden.com, https://github.com/bitwarden =================================================== bitwarden.sh version 2023.10.3 Docker version 24.0.7, build afdd53b Docker Compose version v2.21.0 Updated self. bitwarden:~$ sudo ./bitwarden.sh update _ _ _ _ | |__ (_) |___ ____ _ _ __ __| | ___ _ __ | '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \ | |_) | | |_ \ V V / (_| | | | (_| | __/ | | | |_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_| Open source password management solutions Copyright 2015-2023, 8bit Solutions LLC https://bitwarden.com, https://github.com/bitwarden =================================================== bitwarden.sh version 2023.10.3 Docker version 24.0.7, build afdd53b Docker Compose version v2.21.0 Update not needed bitwarden:~$

Bitwarden (version 8588): A secure and free password manager for all of your devices.

I would also recommend the use of a password manager such as Proton Pass, BitWarden or 1Password if your looking for a more premium solution.

Use a password manager if you do not already and have it generate unique passwords for every website. Bitwarden is one of the best. You should NEVER reuse passwords and should always use unique passwords. It may be inconvenient at first but a password manager like Bitwarden really does make it a whole lot more convenient. Your e-mail especially should have its own unique password. You should also use two-factor authentication on any website that offers it. If you do not have a good AV on your computers, Bitdefender and Kaspersky both offer free options. The website https://haveibeenpwned.com/ is a good place to check if your credentials have been in a data breach.