What password manager do you recommend?

Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I’m done dealing with passwords.

What password manager do you recommend?

Features I’m looking for

-Open Source

-Can be synced to cloud (I don’t want self host)

-Can be accessed via a browser

-Cross platform, the more platforms, the better

-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics

-Autofill for browser and apps

-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)

-Can export the passwords to a file

I never used a password manager before so sorry if I seem like a noob.

I know I could google it, but I want the latest info, not some outdated reddit post.

Edit: Woah, those replies are fast. I think I’ll use Bitwarden. Thanks for recommendations! Now I don’t need to worry about forgetting passwords anymore. 😄

Edit 2: It seems I’ve forgotten my email password as well as a few other accounts I haven’t logged into for a while. Damn, should’ve used a password manager earlier.

foxinabox,

I’d say keepassxc.org covers all of your needs except the “Can be accessed via a browser” (Autofill works fine with a browser plugin)

Psychosadistic,

> except the “Can be accessed via a browser”

Well - this is a selfhosted solution but still would give the access via browser. keeweb.info

crocodileneptune,

They are searching for a maintainer. I hope they still fix security issues.

github.com/keeweb/keeweb/issues/2022

github.com/keeweb/keeweb/issues/2077

hal_5700X,

Links to KeePassXC’s browser extensions, Firefox, & Chrome/Chromium.

sirnak,

Happy KeepassXC User reporting and there actually is a browser plugin that works flawlessly.

Hubi,

KeepassXC with a browser plugin on the desktop and Keepass2Android on the smartphone. The password files are synced over my self-hosted Nextcloud and backed up to OneDrive. I couldn’t be happier with this setup.

relative_iterator,

Same but I’m using strongbox on ios

quortez,

I would be happier with KeePass if the Android situation wasn't so bad. The most reliable app still uses UI elements from goddamn Froyo and the more sleek, modern, auto fill aware app can't deal with cloud sync to save its life. I hate it here.

x2XS2L0U,

I use KeepassDX on Android and it feels alright

quortez,

KeepassDX is the modern one I'm referring to. Because of the whole Android 11 SAF/scoped storage issue, syncing to databases and clouds that use DocumentsUI (the special folders you see when your Files manager window opens) fails all the time. I've repeatedly lost data due to KDX not properly saving or syncing, causing file conflicts and the passwords I literally just saved to vanish the next time I unlock the database.

The developer's response is that it's everyone else's fault that their apps' SAF implementation is bad, not KDX.

I absolutely cannot recommend using it.

x2XS2L0U,

I use it all the time and sync it between devices without problems…

Schooner,

What are you using for sync? I use Nextcloud and haven’t had any sync issues.

quortez,

I've had it fail with most SAF locations I tried after Android 11, especially pCloud. After the database locks and KDX leaves the RAM, it often cannot find the database it literally just saved, and will often just generate a merge conflict to the location it attempted to save. As a result, after you unlock once, it can no longer unlock the database and you have to bring up DocumentsUI again.

Schooner,

You know, I did have this problem like a year ago. Except, it was a problem with saving the database. I don’t know what happened but haven’t faced it in a long time now.

Kekzkrieger,

Is the browser plugin safe to use? It kinda seems fishy

korok,

How is the OSX and iOS support for Keepass nowadays? Are there desktop and browser clients for OSX, and what’s the autofill situation like?

Keepass was the first password manager I used and I really liked it, but I had to switch when I started using Apple devices for work a few years back, and the lack of platform support there was a nonstarter.

moonmeow,

Strongbox for ios works with keepass formats.

korok,

Writing this down for later, thanks!

japps13,

I like the Password for Nextcloud app. I self-host mine, but I think there might be Nextcloud instances that you can access. It is encrypted, and has an app for smartphones.

RustedSwitch,

It’s been a long time since I switched to 1Password, but I used to use keepass. I’m not sure whether keepass has a browser extension, but otherwise (if I recall) it checks your other boxes.

1Password is great, even though it’s not open source, and you get to a spot in life where $3/mo is feasible.

andreluis034,

I think bitwarden fills all of your requirements.

majorgator13,

Currently using bitwarden. Moved over from LastPass. Free and works on browser plus mobile. Like it so far.

ChrV,

Last year I tried (and paid) 1Password.
For the past 6 months I'm using Bitwarden and it's really good. I find 1Password's UI better but if we consider the cost it's better to stay with Bitwarden.

Swuden,

1Password isn’t open source, is it? I use it and I’m super happy with it though. I don’t mind paying a bit for good security. I do wish it was OSS though.

ChrV,

No I don't think it is. I was super happy too but I decided to give Bitwarden a fair try and it's really good too. I only miss the 2FA codes that 1Password filled automatically but I'm using Aegis now since I had some worries about having one app with both the passwords and 2fa codes.

Onionizer,

Bitwarden can auto copy the 2FA code so you just hit ctrl+v

ChrV,

Not in the free version unless I'm mistaken

skatrek47,

I have also really enjoyed 1password, I also subscribe to Fastmail and the easy to make “masked emails” gives me additional peace of mind and makes that practice of unique or throwaway emails much easier to implement.

ram,

Bitwarden checks all the boxes. I’ve had great experience with it. bitwarden.com

I will say, auto-fill on load is a bad idea. On desktop I keep my auto-fill bound to a key so it doesn’t actually end up in fields it shouldn’t be.

2FA is locked behind the $10/year premium if that’s something you wanted, but beyond that the free plan has everything 99% of people will use. They do third party security audits, have public white papers, and are completely open source.

hinterlufer,

Email and TOTP 2FA options are available in the free version, YubiKey, FIDO2 and Duo options are only available in the 10$/year premium option.

Moonwalk,

I’m sure they meant TOTP 2FA for the accounts saved in Bitwarden, not for the Bitwarden login itself.

Saintcloud,

I’ve been curious about a Yubikey like option for a bit now. Would you recommend one and if so which type?

dan,

Get a Yubikey that supports Webauthn and FIDO2. It’s the future of two-factor authentication on the web. At work we use the YubiKey 5C Nano, but I think the entire Yubikey 5 series supports Webauthn.

DuskLoaf,

Is there much benefit to having access to the 2FA option if I already use RAIVO for 2FA codes.

Interstellar_1,

No, it’s good to have a separate service for that

Makeshift,

Bitwarden only autofills if the page’s URL is the same as the account in your vault. So it actually helps you make sure that you aren’t putting your info into a phishing site or something

although, I’m pretty sure autofill is disabled by default anyway?

ram,

> Bitwarden only autofills if the page’s URL is the same as the account in your vault. So it actually helps you make sure that you aren’t putting your info into a phishing site or something

This is true, though wasn’t my concern. My concern is that it (and other PW managers ofc) can sometimes fill in fields it’s not supposed to, and you end up accidentally including a username or password in a GET header.

> although, I’m pretty sure autofill is disabled by default anyway?

Auto-fill on page-load is, yes.
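
The two checks discussed in this exchange (fill only when the page's host matches the saved login, and keep credentials out of GET requests), as an added JavaScript example that is not part of the thread and not Bitwarden's code. The function name `shouldAutofill`, the exact-host rule and the sample URLs are assumptions made for illustration.

```javascript
// Added illustration; shouldAutofill and the sample URLs are hypothetical.
function shouldAutofill(savedUri, pageUrl, formMethod) {
  let saved, page;
  try {
    saved = new URL(savedUri);
    page = new URL(pageUrl);
  } catch (err) {
    return { fill: false, reason: "unparseable URL" };
  }
  // Never release a password to a page loaded over plain HTTP.
  if (page.protocol !== "https:") {
    return { fill: false, reason: "page is not HTTPS" };
  }
  // Compare parsed hostnames, never substrings: "example.com.evil.test"
  // and "example.com@evil.test" both contain the saved name.
  if (page.hostname !== saved.hostname) {
    return { fill: false, reason: "host mismatch" };
  }
  // An HTML form without method="post" submits via GET, which puts every
  // field value into the URL (history, proxy logs, Referer).
  if (String(formMethod || "get").toLowerCase() !== "post") {
    return { fill: false, reason: "form submits via GET" };
  }
  return { fill: true, reason: "ok" };
}

// Constructed sample pages checked against one saved login.
const SAVED = "https://example.com/login";
const samples = [
  ["https://example.com/account/login", "post"],
  ["https://example.com.evil.test/login", "post"],
  ["https://example.com@evil.test/login", "post"],
  ["http://example.com/login", "post"],
  ["https://example.com/search", "get"],
];
for (const [url, method] of samples) {
  const verdict = shouldAutofill(SAVED, url, method);
  console.log(url, method, "->", verdict.fill ? "fill" : "skip: " + verdict.reason);
}
```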

Double_A,

For important things Keepass (which I sync in Onedrive). For casual things whatever the browser offers… or some random long password and password reset ._.

Dirk,

Since you don’t want to selfhost anyway just use the one built-in to your browser. Nowadays you can set up synch with a password

Coreidan,

Terrible idea. Never use your browser to save passwords. Way too easy to hack.

Dirk,

I am pretty sure you can provide reliable sources that are not one blog article by one individual telling their opinion.

If it’s really “way too easy to hack” there should be plenty of sources.

NotAPenguin,

Bitwarden

Aussiemandeus,

I use Samsung notes. Save all my passwords in there, they’re all different and strings of words with characters in them etc.

Then I lock the note with one secure password.

kvvy,

I'd switch to something like BitWarden.

001100010010, (edited )

Um… I don’t think that’s a password manager…

arin,

Samsung has Samsung Pass for an actual password manager

cwagner,
  • Bitwarden: Paid, but with a free tier, ticks all your boxes
  • KeepassXC: Free, ticks all but browser access (great android and browser integration, though), syncs through any file sync service (WebDAV support makes for a nicer Keepass2Android experience, though)

Note that I’d not recommend Keepass for multiple users, I heard of sync issues there and you can’t do partial shares. Not an issue for me, though. With Bitwarden, the free tier offers 1 extra user.

Personally I don’t want to be dependent on some other service (like bitwarden hosting for me), but also not be reliant on my own server for something as important as passwords, that’s why I’ve been using Keepass(XC) for the last 7 years (thought it was longer, but it turns out I had LastPass premium till 2016. Fuckers).

ebits21, (edited )

There’s only two real choices imo.

Bitwarden or Keepass (KeePassXC for desktop, you’ll need one of many app choices for your phone).

Keepass you would sync to your own cloud provider and use a key file for protection.

Bitwarden is the obvious answer that fits all your criteria.

Rakn,

Why are these the only real choices? What makes the others not real?

ebits21,

Only ones I trust that are open sourced and have some kind of audit.

Rakn,

Don’t closed ones like 1Password also have audits? But I guess it’s a personal philosophy.

ebits21,

Sure. But I wouldn’t trust closed source software for passwords. Personal decision.

ChrislyBear,

What are the benefits of KeePassXC over the regular “original” application?

ebits21, (edited )

I use Linux and flatpaks so XC is the obvious choice for me - much nicer to use across platforms that aren’t a windows and only one available as a flatpak. Nicer interface. Supports TOTP codes (all I use it for, Bitwarden for passwords). More active development.

I use KeePassium on iOS with the same vault.

zahel,

Bitwarden. Either selfhosted or the official

borlax,

I self host bitwarden currently, but have been playing with the idea of using Vaultwarden instead, just haven’t gotten around to uprooting my working system.
