>>54304773
Offline are fine, never give them permission to use the internet.

You should seperate services.
You should never have one key, if someone got hold of it, they would have access to everything.
If you really wanted to use a "one login" solution, use a local password manager.
The private key should never leave your computer.

If you run a bigger system, separate it so nobody can access everything at once.

>>54304773
Enpass is very nice
I'm snychronising via ownCloud
Works great!

Depends on the manager.
If it's an online one, like lastpass, your botnet signals should flare up like mad.

If it's something like keypass, which is GPL, FOSS as fuck, it's as safe as houses. It takes your passwords and AES-256 them. So long as the computer is not compromised and your master password is secure, it's as safe as anything else AES-256 encrypted.
Also a keyfile can be used to counter against keyloggers.

In short, offline ones are as secure as the computer you use them on.

File: 1456564593257s.jpg (2 KB, 125x83) Image search: [Google]

2 KB, 125x83

>>54305107
^ this

If you really care that much about security, you should write down a vector of possible attacks somewhere and think what'd you do in these cases.

>>54305107
>keypass
would that be KeePass? or is it something different?

>>54305107
>KeePass
>Writen in Mono
>Mono is developed by a company owned by MS

Extremely very absolutely not fucking botnet. Use KeePassX

>>54305372
obviously lmao

What do you guys think of enpass? It stores everything locally with aes256 with no Internet uploading. Also has good browser integration and Android app.

Problem is its not Foss, and it's developed by poo on the loos.