2023 was a record-breaking year for cybersecurity in a bad way. Ransomware payments hit a record high of $1.1 billion, which is likely to…
You must log in or register to comment.
Any reason why Keeper isn’t on the list? Is it bad?
I have used 1Password with the annual plan for years across various browsers and operating systems and have found it to be perfect for everything I need. I will definitely take a look at Proton though.
Is Keepass there? Good. Upvote.
I would only use KeepassXC
Prefer KeepassXC but let’s be honest, the best password manager is the only you actually use and keep using.
And that doesn’t get hacked!
Everything gets hacked given enough time. Just not everyone says they were hacked or realised they were.
Prefer KeepassXC
Why? Keepass has lots of plugins and XC doesn’t, right?
KeepassXC looks better IMO. Also I like that hardware keys work without plugins. Personally I still use KeePass for one feature that XC doesn’t offer.
KeepassXC, Passbolt
BitWarden
Bitwarden + aegis for everything possible.
Authelia or authentik for self hosted stuff.
pass.
and/or Vaultwarden as a selfhosted alternative.
Vaultwarden is a great piece of self hosted server software, which meshes with Bitwarden software perfectly. And for people who can’t self host, IMO Bitwarden gives you more than enough bang for your buck with their own hosting plans.
It’s one of the few examples of software being open source and ethically making money regardless. (For comparison, Standard Notes has tried pretty hard to make sure non-paying users have an inferior experience even if they self-host literally everything.)
I was really disappointed about standard notes’ plans. Took me forever to get everything set up to self host, only to find I couldn’t even use markdown unless I bought a license? Silly.
Yeah, the value of buying a hosted service should be the fact you don’t have to worry about hosting it yourself. Not a tiny piece of Javascript that was grabbed from a third party developer anyway.
I can see what they’re trying to do, but the experience leaves a really bad taste in my mouth.
Standard notes is very unethical. They want you to pay for open source software even if you self host. Very scummy.
I’m excited that the bitwarden phone apps are getting a brand new native version for ios and Android soon.
the current version is not native?
<$1/mo for bitwarden hosted premium is a no brainer for me
Tried, and not a fan off. The organizing features are kind of not what I expected. Sticking to KeepassXC for now.
I’m curious, what features is it lacking that you want to see?
First is the organizing feature. It doesn’t let me to have sub folders which I need to categorize items.
Second is the TAN management to store my MFA backup codes. A feature the original Keepass have but KeepassXC doesn’t. You can use notes to mimic but it doesn’t auto expire after use, i.e. more manual work.
I actually thought the organization stuff is pretty good, coming from keepassxc myself. The way we have it set up is that each of the members of our family all have VW accounts, and we have a common organization shared among us for stuff we all use (e.g. home devices). It’s all in one installation, so it’s pretty convenient. I don’t think I can do the same as easily with keepass.
That being said, keepass is a really solid piece of software. I’d recommend it myself.
Corporate Headquarters
Bitwarden, Inc. 1 North Calle Cesar Chavez Santa Barbara, CA 93103 Bitwarden, Inc. is the parent company of 8bit Solutions LLC
Something tells me they’ll enshitiffy too. It would make me uneasy storing all my passwords with a for profit corp, on their servers.
They’ve already open-sourced all the best parts, and there are independent OSS projects based on that. If BE fucks with their user base, they’d be messing with their livelihood.
I like ProtonPass. It’s nice.
My only complaint is the lack of passkey support. I just want to store my password and passkeys in one place.
And they are really moving quickly with development. I feel like we’re getting new features monthly
Same. The UI is pretty good and modern, they support TOPT and cards as well and the development is being done at a good pace.
+1 For KeepassXC, I use it in combination with syncthing to have my passwords available on all devices.
Same for me
Been using that same setup and very happy with it.
Nextcloud syncs my KeepassXC safe.
Syncthing for me, but Nextcloud has its advantages too.
Keepass + Syncthing is a great combination.
And with Syncthing’s Untrusted Device Encryption feature I can use my VPS as an extra node for synchronization without worrying touch if it becomes compromised without me knowing.
the file is already encrypted so you aren’t getting much more security
I also sync other stuff, so it’s useful anyway.
And it hides file names and sizes by splitting things up, which puts one extra layer of difficulty for someone trying to find my passwords file to target. I have a much stronger password on the syncthing directory than my normal type-each-time password to open keepassxc.
Any options on StrongBox? It seems like a good option but they don’t quite have the reputation that others have, despite being around since 2017.
StrongBox is just a client that uses keepass databases. I think it integrates well when using Apple devices and you can still use your databases on other platforms.
Ah thanks. Ya it’s Apple only but I like how it doesn’t sync to a central server but will still sync between your devices across your local network. Seems to minimize a lot of attack surface.
Strongbox is great, but expensive. I settled on KeePassium instead mostly based on cost.
It’s only $20 a year or $80 for life. I feel like that’s a fair price to support the developers.
It’s not unfair, but for my use case there are cheaper or free alternatives that work really well.
And I’m Canadian so it’s a bit more than that dollar wise.
Microsoft Excel file
OneNote page
Post-it notes on the monitor.
Under the keyboard for added security.
That’s terrible practice
Yeah they should be using Office 365 or Google drive.
How about a password manager
Technically Excel and 365 and Google sheets can be a password manager.
But during game time, best possible choice.
No, I’m pretty sure it is very much not
I get a good reason to stay away from lastpass is their dealing with getting hacked. Valid. However, bitching about not getting to use all the paid features as a free user is ridiculous.
In a vacuum, maybe. But there is a difference between adding new features to a paid plan and removing features from a free plan.
My favorites:
- Proton Pass
- Pros: Aliases, Proton integration
- Cons: No passkeys (yet), native desktop apps in beta
- 1Password
- Pros: SHH agent integration!
- Cons: Least open
- Bitwarden
- Pros: Most open, self hosting option
- Cons: least polished user experience
Proton Pass Pros: Aliases,
1Password technically does have aliases too but it requires a fastmail.com subscription. I use it and it works quite well though.
- Proton Pass
KeepassXC & Syncthing
And I do keepassdx on Android, with a (phone-specific) database synced with syncthing
P.S. syncthing is fantastic: I hope more people consider hosting discovery servers and especially relays
Syncthing is so good!
I use Bitwarden for passwords. Just works so well.
KeepassXC and KeePassium for TOTP codes. I keep the database in the cloud but sync a key with Syncthing that’s needed to unlock the database on the devices themselves.
Locally hosted bitwarden (vault warden) that is only accessible on your local network is the way to go. When a new sync is needed away from home, wireguard VPN to connect back in makes everything nice and secure. Otherwise most of the time the vault is cached to the device locally so you don’t need to phone home to access passwords.
I do it exactly like that, except that im connected via vpn most of the time, since my pihole is also located in my lan
My setup
Exactly my setup
If you are into the command line, pass is also neat. You can even have your keys in a git repo and access it with a FOSS Android app (requires some dedication to set it up). It’s very useful to feed passwords to scripts without hardcoding them in the source.
