pull down to refresh

Ever since I joined NOSTR ecosystem, there are dozens of private, public keys along with some passphrases to be taken care of. Keys like
  • nostr - npub and nsec
  • Alby - passphrase and LN key
  • Bluewallet - key
  • Electrum - seed etc.
The advice that I get generally over internet or online guides is to write on a piece of paper and keeping it at safe place. That definitely makes sense for the MOST SECURE crypto wallet, for e.g. Electrum in my case. But keeping keys on piece of paper with their Origin (why is this key used for - nostr or btc or anything else), makes it more probable for attacks and therefore less secure. Also, keeping track of multiple keys offline is hard, and keeping all keys on a single paper/diary/notebook makes it a single point of failure too. Keys for everything else (less serious) that we might need to login casually, like social media or spending as a fluid cash needs to be backed up and safe too.

How you guys all manage to keep everything secure, organized and backed up?

Since I used KeePass for all my credentials since last 5+ years, I am continuing. I am currently using KeePass password manager (with Syncthing; to sync between devices like laptop and smartphone) to keep everything safe. But the UI and the software is not intended to use with passphrases and keys. The default fields it provides contains (Username/Password/Notes). And I write everything in notes which is not super secure way.
Is there any better way to keep keys 🔑 safe and backed up between devices. What is your go to tool?
Please share if your tool is FOSS (Free and Open Source), I would love to switch to that.
Second bitwarden. Self-hosted on Start9. Also use 1password. I do store nostr credentials there and passphrase for hardware signing devices but the 12/24 words never touch anything online.
reply
Never put seeds in a password manager. BIP-85 lets you create a single secure steel seed and then generate new deterministic seeds from it for other uses.
Password managers are good for storing multisig descriptors, xpubs and secure notes to yourself documenting your setup and the recovery process though.
reply
As a temporal quick access I use password managers like bitwarden or keepass. Are easy and safe to use in an offline mode on multiple platforms.
reply
i keep them private:)
reply
Is it still safe if someone knows the private keys but do not know the added passphrases ? Therefore, there is nothing on the origin wallet. Only passphrases has balance.
reply
Very interesting topic!
reply
I keep theme private and safety