shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

271
active users

#passwordmanager

0 posts0 participants0 posts today

Passbolt 5.3 is now available, introducing custom fields that allow users to attach additional key–value pairs to a password entry or even create standalone entries. This release also includes performance enhancements and bug fixes.

Check out the details in this blog post and see what's coming in the next releases: hubs.li/Q03xr0MR0

PassboltPassbolt 5.3 Introduces Custom Fields and Performance ImprovementsPassbolt 5.3 introduces custom fields, allowing structured key-value data alongside credentials and includes performance enhancements.

📄 Passbolt docs now cover clear admin guidance on resource metadata encryption. This section includes how to generate a shared key, enabling encrypted and legacy formats, and migrating existing resources. The section is a work in progress and will expand as the feature matures.

Read the admin steps here → passbolt.com/docs/admin/metada

www.passbolt.comMetadata Encryption | Passbolt documentation.

Does pass by Jason A. Donenfeld of zx2c4 and wireguard fame support passkeys or have an extension that supports passkeys? And does anyone have experience using a non-internet addressable private git server (local host served from a desktop) to sync to a pass mobile phone client?

I am thinking passkeys are a dead end but the I definitely need a copy of the passwords on my phone.

www.passwordstore.orgPass: The Standard Unix Password ManagerPass is the standard unix password manager, a lightweight password manager that uses GPG and Git for Linux, BSD, and Mac OS X.

Well, great. Now @bitwarden is going to ad AI bullshit to their services. I left Bitwarden a few months back for different reasons but I'm kind of glad that I did. I switched to @1password@1password.social. If they add AI to their services (are they already?), I'm just going to call it quits on all of them and just move completely to @keepassxc@fosstodon.org. I can simply just host my own with Keepassxc and not have to worry about any AI crap. I'm using Keepassxc now but not for everything. That might change in the very near future.

https://nerds.xyz/2025/07/bitwarden-mcp-server-secure-ai/

#passwordmanager #privacy #security

NERDS.xyz · Bitwarden MCP server secures AI access to your passwordsBitwarden releases local first MCP server so AI agents can securely manage passwords without compromising encryption

Is there a term for the class of "credential storage confusion" #security issues, where the user accidentally saves a password or passkey in a vault they don't actively use (browser, #SSO IdP, #passwordManager, OS)?

One thing that made me think of this is having to go through a separate step (like "use a different device") on Android to avoid enrolling the phone as passkey.

I can see how users spread active credentials across multiple services which seems like a massive #infosec issue to me...

Continued thread

(Linux news in original post)

FOSS NEWS

Proton Mail gets Newsletter view to manage all email subscriptions in one place:
proton.me/blog/proton-mail-new
(That's really cool. Now we can tell normies that Proton Mail has this feature and Gmail doesn't lol)

Proton Pass adds 14 new entry types, option to create custom types:
alternativeto.net/news/2025/6/
(Really tempting feature, but personally I would advise against storing every piece of sensitive data in one central database in the cloud. Proton can get hacked any time, like any other company, and also the new Swiss law can force them to hand over all that personal data in plain text, so you can mess up your privacy really badly. I'm not pointing fingers at Proton, but I think this update wasn't quite a good idea, it puts too much responsibility on them.)

Firefox 140 ESR released with unload tab feature, support for adding custom search engines in Search settings, support for keeping more or fewer pinned vertical tabs in view, "Select All" option for bookmarks on Android:
9to5linux.com/firefox-140-esr-

Firefox 141 beta is available with less memory usage on Linux, ability to drag a tab to the pinned tabs tray and drag it out to unpin it, etc.:
9to5linux.com/firefox-141-prom

Mozilla discontinues DeepSpeech, an embedded/offline speech-to-text engine:
phoronix.com/news/Mozilla-Deep
(GNOME: *drops a feature every few releases*
Mozilla: Hold my beer. *drops a service each week*)

(more FOSS news in comment)

Proton · Take charge of your inbox with Newsletters view | ProtonProton Mail's Newsletters view helps you manage email subscriptions, organize your inbox faster, and stay in control privately.

Just coming out of the technical stone age.

My and my wife's password manager since the 2000s is a shared spreadsheet we both know the password to.

I know, I know - not great.

Just started transferring the lot to Proton Pass including some 2FAs from another app. And we can share it across our encrypted accounts.

Just feel like I've woken up to the 2020s on this issue.

New Privacy Guides article 🔐
by me:

If you are an Apple user looking for a free, open-source, and privacy-focused password manager, KeePassium is a fantastic option.

KeePassium offers synchronization options, but allows you to keep your password database offline by default.

It's also KeePass-compatible, which makes migrating from or to any other KeePass-compatible apps easy.

Check the full review here: privacyguides.org/articles/202

Handle MFA like a pro so you don’t get locked out or let the bad guys in

Why you should use MFA, what about passkeys, what kind of MFA to use, how to make it easier to use, and how to protect yourself against being locked out of an account because of MFA.
#infosec #MFA #passwordManager #passkeys
blog.kamens.us/2025/05/06/hand

Something better to do · Handle MFA like a pro so you don’t get locked out or let the bad guys in
More from jik