What is a really smart choice for password manager apps? Concerned about privacy and politically involved CEOs.
I’ve used:
- LastPass
- 1Password
- ProtonPass (Now using)
I thought ProtonPass was a good choice but I’m starting to read more about it. What’s just a really solid choice all around, that you can feel good about? Free or paid.
Keepass
Unfortunately LastPass had some issues over the past years with hacking where encrypted vaults were stolen. Between myself and my friends in tech, I know of a few companies that ditched it after that.
For individual/personal use, I’d recommend KeePass (whatever fork of it is up to date and maintained lately) and using something like Syncthing to sync it across devices. That may not be super user friendly for non-technical users though, and I’m not sure how well it works with iPhones.
I pay for a 1Password family account. I like it.
Getting the family to use it is hard, but that would be the case with any password manager.
I understand there’s a bit of bias here, but I’ve been using 1Password for probably 10+ years and have literally never had a problem. Transferred between multiple devices, added family, etc.
Solid as hell and super reliable.
Selfhost if you want, but I’ll take the reliability.
I do selfhost everything I can, but have chosen not to do that with my passwords. It feels too much all-eggs-in-one-basket-y.
1Password also holds my SSH keys and acts as an ssh-agent on most systems, and I also just found out that you can get secrets from your 1Password vault in Python, which means my PyInfra scripts can use it as well.
Yeah, totally agree. I do backups in a similar way. Do I have cloud backups? Yes. Do I also have local? Hell yes.
A combination of the two is likely the best bet but I will say 1Password feels like one of those “oft imitated, rarely replicated” solutions.
Although I’ve also been using Apple’s solution for similar reasons. Works great, too.
iOS users, I guess the best option available is self hosted Bitwarden
I’m similar to some here, using keepassxc and nextcloud
KeepassXC. Sync the file however you want.
DIY synchronizing sucks ass. I can never get anything to do it right
I use Nextcloud, which always works well for me. I don’t use Dropbox or Gdrive or OneDrive, but they should work too. What have you been using?
Probably not ideal but I use Google drive for synching and it worked fine. The database is encrypted so, at worst, Google knows I have a password manager.
Syncthing. I’m not sure what I’d do without Syncthing at this point.
Been a Bitwarden user for several years now, both personal and deployed at multiple small businesses.
It has been fantastic the whole time. Pricing is great, open source, runs on basically everything, and easy to use.
KeePassXC if you’re uber-paranoid or a hardcore Stallmanite, otherwise, Bitwarden all day 100%
I use bitwarden for unimportant ones and an offline one for important ones. specifically KeepassXC that was already mentioned.
KeepassXC + syncthing
Fully under your control
Definitely Bitwarden
Bitwarden.
If you want to keep it in a file you want to sync yourself: keepass
Keepass + Syncthing is an undefeated combo
There’s a lot of good things here to think about. I asked, there’s a lot of experience out there, and I appreciate all of it. Great community, here!
I’m a massive fan, and long time user, of bitwarden.
It’s so much better since they updated the (IMO) ugly, dated UI design. It looks nice and fresh now. Bitwarden is the MVP.
What’s up with protonpass? Any pointers?
Password manager from proton (protonmail/protonvpn guys)
Yeah, but why wouldn’t it be a good choice?
Oh idk that
That’s alright. Thanks though.
Bitwarden.
You know if you need more than that and if you’re asking on lemmy you don’t need more than that.
Vaultwarden. It’s FOSS Bitwarden. Host it on your own server/machine :)
I would recommend people not do that unless they know they need to and again, if you know you need to you’re not asking on lemmy.
Hosting your own secrets not only puts the burden of protecting, providing access to and preserving the secrets entirely on you, but puts a very unique set of hosting goals squarely on you as well.
Even a skilled administrator with significant resources at hand would often be better served by simply using bitwarden instead of hosting vaultwarden.
An example I used in another thread about password managers was a disaster. When your local server is inoperable or destroyed and general local network failure makes your cloud accessible backup unreachable, can you access your secrets safely from a public computer at the fire department, church or refugee center?
Bitwarden works well from public computers and there’s a whole guide for doing it as safely as possible on their website.