gdt: Kangaroo road sign (Default)
[personal profile] gdt

To save people the trouble: if you decide you need a serious password store for Linux, here is what you need.

KeePassXC — a password database. Install keepassxc on Linux, create a database, import keys, use a keyfile on the local disk. Copy the password file to Google Drive.

KeePassXC-Browser — a Firefox, Chromium and Chrome add-on. Start KeePassXC, install the plugin, link browser and database.

KeePassDroid — a version of KeePass on Android. Open Google Drive. Click on Passwords.kdbx, select "make available offline", select "open with... KeePassDroid". Put a copy of the keyfile on your mobile.

andOTP — a TOTP and HOTP generator for Android. (Don't bother with FreeOTP, it's essentially unmaintained. The sole maintainer's security model isn't a good fit for non-enterprise use, a point he's unwilling to accept despite issues with the security model being repeatedly raised. This is most apparent around backups of the database.)

F-Droid — a non-Google app store. Use this as the source for KeePassDroid and andOTP if you are worried about Google Play Store.

GIMP — a graphics editor. When you enable one-time passwords for a site, use GIMP to grab a copy of the QR code containing the OTP key. This is the surest backup to the OTP database and prevents being locked into one OTP app.

As you load passwords into the database, it is a good moment to go and change shared or non-complex passwords. As a result, loading the database can take about a week. But the payoff in security is huge.

As you encounter sites which support one-time passwords, also set up OTP for those sites. Some samples are: Amazon, Evernote, Facebook, Firefox, GitHub, GitLab, Kickstarter, Microsoft Live, Tumblr.

Glen Turner
