Password Manager?

[Mindovermaster]

I've used LastPass for years now. But right now, it is becoming very strict on free accounts. Asks me about every month to update to their monthly plan in gmail.

 

Is there some better managers out there? I heard of DashLane, BitWarden, etc.

 

What should I go with, and/or what do you use?

[+BudMan MVC]

Yeah when lastpass changed to having like 1 type device.. I moved to bitwarden - haven't look back.   Works on my phone, my pc, etc.

[Mindovermaster]

Yeah, and LastPass free only allows 1 device. I can only use it on my computer. Not my phone, tablet, laptop, etc.

 

BitWarden looks cheaper, too..

 

Edit: I think WarWagon uses BitWarden too, IIRC.

[+BudMan MVC]

I have had no issues with it, migration from lastpass to it was a breeze.  And yeah the price is right

[Xenon]

Bitwarden. I think it is better than lastpass.  Premium is only $10 a year.

[+E.Worm Jimmy Subscriber¹]

I tried them all. And the only one that worked perfectly for me across all my devices was 1password.

 

I don't care that it cost more. What is the difference in my yearly expenses if it is 10 or 30 usd... Minimal. But I want something that works smoothly and that I enjoy using.

 

That's my 2c.  I love it and I recommend it.

 

[thisdude]

I used LastPass for a very long time then jumped between 1Password and BitWarden. I'm currently using BitWarden ONLY because one of my 2022 resolutions was to cut down on subscription creep. But if I had to say what the best password manager is (right now) it'd definitely be 1Password hands down. Their app is beautiful, their tagging feature is awesome especially if you have tons of passwords and keep them for your wife and kids lol. And just a bunch of little things compared to BitWarden such as 1Password gives you a number of how many items you have and within each category BitWarden doesn't. When you click on an item in 1Password it shows you if the URL you saved to it shows the complete web address so you know if it's HTTPS or not. BitWarden literally will just show neowin.net so you have to open it in Edit to see if you have a secure link saved or not. I do like the extra layer of security 1Password has with their secret code you need to use on every device along with your login and password. Their web browser integration is way better than BitWarden. 

BitWarden gets the job done for sure, secure, open source but even then you're trusting someone else and other groups that they checked all the right things unless you check the source code yourself and that's over my head and I've zero desire to do that. But it's very basic not nice to look at like 1Password is. Their subreddit is full of dedicated users so that's a plus when you have questions. Just be careful you're not critical of the app because they are super loyal too lol. 

I'd say go with BitWarden if you're more concerned about saving money or can't afford to pay for a subscription. But if you can afford to pay for a subscription go with 1Password, extra layer of security, way better looking app, load more features and organization tools. Either you one is a good choice, it's just preference after that.

[+warwagon Subscriber²]

On 12/01/2022 at 11:05, Mindovermaster said:

Yeah, and LastPass free only allows 1 device. I can only use it on my computer. Not my phone, tablet, laptop, etc.

 

BitWarden looks cheaper, too..

 

Edit: I think WarWagon uses BitWarden too, IIRC.

I personally still use the paid version of LastPass. I paid for a family account and my mom and sister are on it too. Recently tried bitwarden, but I have a habit with LastPass to click the last pass extension search for the site and click the pass card to be taken there. Bitwarden wouldn't do that. It would open the site's card but you had to click the go to site button, it also wouldn't allow me to print off my passwords. I do like lastpass's print offs. I print them off and put them in a saftey deposit box.

 

I also recently tried 1password. It wasn't too bad. But it always kept locking the extension every time I would close the browser and I have a habit of closing the browser when I'm done. It too also wouldn't let me print passwords. So for the time being i'm still on LastPass.

[Marujan]

notepad.exe

[Mindovermaster]

On 12/01/2022 at 17:34, Marujan said:

notepad.exe

You even know what a password manager does?

[Good Bot, Bad Bot]

On 12/01/2022 at 18:34, Marujan said:

notepad.exe

The perfect app for people who reuse their password and don't want to waste a post-it.

 

[Good Bot, Bad Bot]

Bitwarden user here...  It's audited, open source, cross-platform, and priced right. Please pay the $10 to support them even if you don't use the extra features.

[+mram Subscriber²]

On 12/01/2022 at 15:24, warwagon said:

Recently tried bitwarden, but I have a habit with LastPass to click the last pass extension search for the site and click the pass card to be taken there. Bitwarden wouldn't do that. It would open the site's card but you had to click the go to site button, it also wouldn't allow me to print off my passwords. I do like lastpass's print offs. I print them off and put them in a saftey deposit box.

Is the printing of passwords a free option problem only?  In both the Edge extension and on the desktop I can export / import anything.

Bitwarden web extension: Settings -> (Under "Tools") -> Export vault
Bitwarden desktop client: File -> Export vault

 

Apparently you can use a lot of different ways to export your vault:

Export Vault Data | Bitwarden Help & Support

 

Edit:  I understand you say "print off" the passwords, but I can pretty much assume that you can do a CSV/JSON export and print as you like...

[+E.Worm Jimmy Subscriber¹]

On 12/01/2022 at 16:06, thisdude said:

I used LastPass for a very long time then jumped between 1Password and BitWarden. I'm currently using BitWarden ONLY because one of my 2022 resolutions was to cut down on subscription creep. But if I had to say what the best password manager is (right now) it'd definitely be 1Password hands down. Their app is beautiful, their tagging feature is awesome especially if you have tons of passwords and keep them for your wife and kids lol. And just a bunch of little things compared to BitWarden such as 1Password gives you a number of how many items you have and within each category BitWarden doesn't. When you click on an item in 1Password it shows you if the URL you saved to it shows the complete web address so you know if it's HTTPS or not. BitWarden literally will just show neowin.net so you have to open it in Edit to see if you have a secure link saved or not. I do like the extra layer of security 1Password has with their secret code you need to use on every device along with your login and password. Their web browser integration is way better than BitWarden. 

BitWarden gets the job done for sure, secure, open source but even then you're trusting someone else and other groups that they checked all the right things unless you check the source code yourself and that's over my head and I've zero desire to do that. But it's very basic not nice to look at like 1Password is. Their subreddit is full of dedicated users so that's a plus when you have questions. Just be careful you're not critical of the app because they are super loyal too lol. 

I'd say go with BitWarden if you're more concerned about saving money or can't afford to pay for a subscription. But if you can afford to pay for a subscription go with 1Password, extra layer of security, way better looking app, load more features and organization tools. Either you one is a good choice, it's just preference after that.

This. Exactly this. It is just so much nicer to use then all the other top 5 programs I tried and it always works just like I expect it to. Unlike some other password managers I tried to like.

[+Ely Subscriber²]

Free one: Bitwarden.

Paid: RoboForm.

 

I personally have used RoboForm for years and I absolutely love all the features it has and the ease of use. I also love the fact that it is truly multiplatform, you can use it literally in almost any device out there with a conventional OS.

[+warwagon Subscriber²]

On 12/01/2022 at 20:53, Ely said:

Free one: Bitwarden.

Paid: RoboForm.

 

I personally have used RoboForm for years and I absolutely love all the features it has and the ease of use. I also love the fact that it is truly multiplatform, you can use it literally in almost any device out there with a conventional OS.

They are the ones I used at the very start. I left them because they drug their feet on two factor and their password printouts were and still are ugly AF.

 

Found this on Google images as an example. I really love Lastpass's beautiful printout.  I mean if you only had 20 passwords, the roboform printout would be just fine but not for 500+ passwords.

 

[thisdude]

On 12/01/2022 at 20:53, Ely said:

Free one: Bitwarden.

Paid: RoboForm.

 

I personally have used RoboForm for years and I absolutely love all the features it has and the ease of use. I also love the fact that it is truly multiplatform, you can use it literally in almost any device out there with a conventional OS.

ROBOFORM!!! I think they have to be the OG of password managers. I remember when they first came out and cool it was that it automatically auto filled fields for you lol. I think I'm going to check them out right now solely out of nostalgia!

[thisdude]

On 12/01/2022 at 10:27, Mindovermaster said:

I've used LastPass for years now. But right now, it is becoming very strict on free accounts. Asks me about every month to update to their monthly plan in gmail.

 

Is there some better managers out there? I heard of DashLane, BitWarden, etc.

 

What should I go with, and/or what do you use?

https://www.nytimes.com/wirecutter/reviews/best-password-managers/

I like Wirecutter reviews. I find them to be pretty thorough. 

[+mram Subscriber²]

On 12/01/2022 at 19:06, warwagon said:

They are the ones I used at the very start. I left them because they drug their feet on two factor and their password printouts were and still are ugly AF.

Ok ... really ...

First you say BitWarden doesn't do exports at all, then you say their exports are ugly AF.

You do realize CSV files cannot be ugly.  They have data.  They're basically the same columns between the two products.  I just checked.

Bitwarden defaults to exporting using JSON, so you have to choose CSV.  JSON is better for many reasons including security.  😛  Lastpass doesn't offer that option.

[Circaflex]

keepass FTW

[+Ely Subscriber²]

On 12/01/2022 at 22:06, warwagon said:

They are the ones I used at the very start. I left them because they drug their feet on two factor and their password printouts were and still are ugly AF.

 

Found this on Google images as an example. I really love Lastpass's beautiful printout.  I mean if you only had 20 passwords, the roboform printout would be just fine but not for 500+ passwords.

 

Password printout? I'm not sure what that is. that screenshot, hmmm I can't even remember encountering that. They have improved the interface a lot lately. It looks a lot more modern now. Up until recently I had over 1K passwords, but just last week I started cleaning up, had passwords there from sites that don't even exist anymore, and I'm down to just a little over 500 now. 

 

I also love how they help you increase security, for example, I had a security score of "Average" last week. Now I'm on "Excellent" They help you find all your duplicate passwords if you have any, weak passwords, compromised etc etc.

 

They have not had any security breaches or anything that I know of, either recently or in past years, and everything is very secure.

[+JHBrown Subscriber¹]

KeePassXC, is what I use on Windows, Linux, and macOS. KeePassium, on iOS. 

[Skyfrog]

I've used KeePass for years, it's free and does all I need.

[+InsaneNutter MVC]

On 12/01/2022 at 23:06, thisdude said:

I'm currently using BitWarden ONLY because one of my 2022 resolutions was to cut down on subscription creep. But if I had to say what the best password manager is (right now) it'd definitely be 1Password hands down.

I currently use 1Password 7 which can sync via Dropbox or a network share, sadly the recently released version 8 is subscription only, so I might give BitWarden a try in the future.

 

I totally agree it is the best password manager. Likewise "subscription creep" is real, all these small subscriptions start to add up if you're not careful. 

[SoLoR1]

I used LastPass on a familly sub until they started to complicate with free accounts, even if changes didnt affect me, i switched to BitWarden (on family sub again) and im compleatlly happy with it. I stopped paying them because they where greedy. Also another thing is for BitWarden you can host your own server, if you dont trust them, so this is a bonus (not that im using this, but i might one day).

[ThaCrip]

Password Safe ( https://pwsafe.org/ ) ; "Designed by renowned security technologist Bruce Schneier"

 

I have been using that since about 2005-2007 without any problems and it's entirely offline storage (so make sure to backup the password database file!!! (I always make multiple backups)). Windows/Linux versions are maintained by Rony Shapiro and Jeff Harris maintains the Android version. I never used the Android version, just Windows/Linux.

 

my basic use of it... I just right click the entry in Password Safe and select 'copy' and then 'paste' it into the browser.

 

p.s. the Linux version (which I have been using since basically Jan 2019 when I went to Linux Mint entirely) can be installed with 'sudo apt install passwordsafe' (note: NO space between 'password' and 'safe', it's all one word. so type it just like I mentioned) or to get the newest version... https://sourceforge.net/projects/passwordsafe/files/Linux/ ; currently v1.14.0 from from Oct 2021 as it's a .deb file.

 

-------------------------------------------------------------------------

for those who are paranoid and don't trust a password managers password generation... you can use dice to generate random passphrases or passwords.

 

Option 1)Diceware(passphrase). use "eff.org/dice" (basically this file specifically... https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt ) which basically with each roll of five die you convert that 5-digit number into a word on that .txt file (use CTRL+F on your basic text program to make finding each word much faster).  it's recommended to use a minimum of six-words (77.5bits of entropy). note: I suggest pairing it with your own 'padding' for further increase of security. for example... instead of just typing your six words back-to-back you could do something like... "!!!word1,word2,word3,word4,word5,word6" etc.

 

Option 2)Manual random password generation... https://theworld.com/~reinhold/dicewarefaq.html ; under the "How do I use dice to create random character strings?" section. basically you use three die and with each roll of those three die you then convert to a character on that chart. so if you wanted a 20-character password you would need to role each of those three die at once, at least twenty times to get your 20-character password. I say 'at least' twenty times because it's possible to roll a blank at which point you simply roll again. note: I noticed it usually gives at least one upper case letter, a lower case letter, a number, and a symbol when you do 20-characters for example. it's possible that won't occur, since it's random, but it typically does which helps keep security higher since if someone were to try brute forcing they are going to have to try a lot more combinations.

 

basically a 10-word Diceware passphrase is similar in security to a 20-character randomly generated password... 129.2(10-word Diceware) vs 131.1(20-character random) bits of entropy. I excluded 'spacebar' so I think it should be like 94-characters on a standard keyboard.

 

so while everyone might have their own method of password generation, these are guaranteed secure with sufficient passphrase/password length.

 

but with that said I think a password managers password generation is secure enough and will save time especially given I figure as a bare minimum as long as one is above that low-hanging-fruit standard (i.e. not using weak passwords) they are much less likely for someone to guess their password and in this regard anything a password manager generates will be well beyond that standard.

Edited January 13 by ThaCrip