What password manager do you recommend?

Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I’m done dealing with passwords.

What password manager do you recommend?

Features I’m looking for

-Open Source

-Can be synced to cloud (I don’t want self host)

-Can be accessed via a browser

-Cross platform, the more platforms, the better

-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics

-Autofill for browser and apps

-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)

-Can export the passwords to a file

I never used a password manager before so sorry if I seem like a noob.

I know I could google it, but I want the lastest info, not some outdated reddit post.

Edit: Woah, those replies are fast. I think I’ll use Bitwarden. Thanks for recommendations! Now I don’t need to worry about forgetting passwords anymore. 😄

Edit 2: It seems I’ve forgotten my email password as well as a few other accounts I haven’t logged into for a while. Damn, should’ve used a password manager earlier.

gclawson,

What’s people’s thoughts on Dashlane?

restingboredface,

I used it for a while. It was okay but I got frustrated with some of the UI on Desktop. It struggled to recognize a lot of website password forms so I had to do a lot of manual login entry (even if it was copy paste it was still a pain). I really liked having a desktop app that didn’t require a browser but they stopped supporting it, which was the last thing I was staying for so I dropped it for Keeper, then One Password.

With all that said, it’s one of few pm tools that made it super easy to share passwords securely (more than keeper or Onepassword) , and it was pretty seamless to share logins for household stuff like Netflix and our mortgage servicer. My husband hated using though since he had his own system that preferred using, but used dashlane for things we shared.

Socialphilosopher,

You can use SafeInCloud.

shapis, (edited )
@shapis@lemmy.ml avatar

protonpass for sure.

Bitwarden is great, but it’s way too easy to lock yourself out of it if it’s your first pw manager ever.

maxxpowerr,

What would you suggest to first time users so they avoid being locked out?

shapis,
@shapis@lemmy.ml avatar

Same way experienced users would prevent that.

Write down your password and recovery codes in multiple safe places.

That’s a bit of a hassle. For me at least.

That’s why I suggested protonpass. You can mess up but as long as you don’t forget your pw you are fine.

miku,

Make sure you absolutely know your master password or put a hint as there’s no way to ever reset or recover that password if you forget it

Pneuma,

You could get creative with a premium account “A” where you can designate another person/account “B”(can be free account) with emergency access after a waiting period.

When B requests access it’ll send an email where A can approve/deny access immediately; or if you’re completely locked out, B will be granted access after the waiting period that you can set passes.

B can either be another person you trust, or it could just be a written backup that can be locked somewhere safe but not accessed on a daily basis.

If you want, after designation you can cancel premium and the emergency access will still be active, you just cannot add/edit who has access.

Caaaaarrrrlll, (edited )

KeeWeb. Compatible with anything that uses KeePass files.

It checks more than half or even all of your boxes.

  • Free and Open Source, on GitHub.
  • Can be self hosted. Or go to app.keeweb.info.
  • Can be synced to the cloud of your choice. Even supports WebDAV, which is very lightweight.
  • Encrypted at rest and end-to-end. Those clouds don’t have your decryption key. Decryption happens in your browser client-side.
  • Cross platform. Anything that can load a webpage or is compatible with KeePass can use it. It can be bookmarked to the home screen on mobile and it becomes its own app.
  • Auto fill via hotkey on PC.
  • Supports PINs/Multi-Factor Authentication codes.
  • Can attach secret files like backup codes or SSH keys.
  • Can configure how strong the encryption is on the KeePass file.
  • Theme support.
  • Secrets can be exported.

Edit: in another comment someone mentioned the KeeWeb developer is looking for another maintainer due to their own personal health issues. It’s been stale since mid-2022, while the core is considered still secure there is concern for its dependencies. It can be compiled at home with updated dependencies if that concerns you.

kamen,

One vote for BitWarden.

ChrislyBear,

Keepass all the way. Checks all the boxes. Access via browser: If you have a Nextcloud instance, theres a NC-Addon to open kdbx files in the browser.

re: Bitwarden I tried it and it wasn’t sufficient for me. Is it now possible to also store and generate TOTPs? Can you store SSH keys and retrieve them directly from the password storage?

knoland, (edited )

You definitely do not want to generate TOTPs in your password manager. That makes it a single point of failure in the event of a breach.

EN20,

As stated by keepassxc: yes to in the same database results in a single point of failure but the easy and good solution is to store them in a separate database. Definitely more secure that stuff like some authenticator app on the same phone where the otps are used

ChrislyBear,

You’re right, good point! I’m going to separate the OTPs out of the DB right now. Thanks!

justsayit,

Plus one for BitWarden for a great low price/free option that’s open source.

1Password if you have a few extra bucks to spend. I find the look and feel to be worth the money despite not being open source.

Kristho,

I agree on this one. I used Bitwarden first - but now I’m on 1Password for both work and personal use.

Christopher,

One more point on Bitwarden - when the top password managers were being hacked/exploited, Bitwarden was keen to fix what appeared to be vulnerabilities in an extremely timely manner. I don’t remember where I read the article but it still fared best out of all the other managers out there.

It may have been ars technica, I don’t remember.

jagoan,

If you’re comfortable around *nix stuff: pass. Open source, free forever, you can “host” it with Github private repo.

wuddupdude,

Love pass. Been using it for years. Although I’m not sure how you would get it to form fill and stuff, but I don’t need all that.

jagoan,

It has browser extension for Firefox and Chrome, iOS and Android app. On Mac it can even unlock the master password with touch id.

Personally the android app could be a lot better, although I’m not sure if it’s the app problem or just how Android handles password input from another app that needs fixing.

theNoob,

KeePass for me synced to whatever cloud you want. I use DropBox and the Android client has an option for that to save you work

pirate526,
@pirate526@kbin.social avatar

buttercup.pw

Disclaimer: I’m the developer

lukstru,

As someone who uses Bitwarden, what’s the advantage of using buttercup?

Version,

Definitely Bitwarden, but there‘s also a new product from Proton called Proton Pass. It works similarly to Bitwarden, but a few features are still missing.

DoctorWhookah,

*Sees post. Guess I should make sure someone has said Bitwarden.

*Checks comments. Hmm, Bitwarden, Bitwarden, another Bitwarden.

*Good. I don’t need to reply.

Nikki,
@Nikki@lemmy.world avatar

*Replys anyway

Bitwarden ftw!

donut4ever,

You’ve just described bitwarden.

steal_your_face,
@steal_your_face@lemmy.ml avatar

I use the managed version of Bitwarden and I like it a lot compared to others.

doppelgangmember,

Bitwarden 100%

elboyoloco,
@elboyoloco@lemmy.world avatar

Bitwarden is the exact app you just described. I use it. It’s great.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • asklemmy@lemmy.ml
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #