I use KeePassXC and synchronise it with syncthing. This allows me to keep it off devices I have no control over (OneDrive servers) and also allows me to have per device version history.
I was about to type the same, I use syncthing all the time for other things but it’s literally the best way to keep my passwords on my laptop, phone and desktop, never passes any cloud service and then I just use KeePassXC and KeePassDX with a YubiKey to make sure everything is top notch.
Basically, my password manager only opens when I this USB stick plugged in called a yubikey (and also a password) if you are missing either the password or the yubikey then you can’t open my passwords. It’s a sure way to know that it’s you! P.S.: Always have a copy of your yubikey, don’t wanna lose it and lose your passwords…
+1 for bitwarden. The only problem I encountered was all of logins are saved from login folder. Now I have 100+ saved passwords on single folder and have to scroll or search for this mess. But I think that’s on me.
Would be better if the app has a “add to new folder” prior to saving passwords.
I can’t imagine life without one. So many bad password habits can be eliminated by using a password manager to generate a strong, unique password for every site you use, and devoting your limited password-remembering powers to one decent master password. (Or better yet, secure your password manager further using other forms of authentication.)
It’s not just for helping you (and your less technically inclined friends and family) remember and use strong, unique passwords, though. Since a password manager only recognizes the real web address that any given password was designated to, it won’t be fooled by a scam website using a similar-looking name to a legitimate one. While this doesn’t eliminate the risk of falling for a scam, every little bit helps, no matter how skilled you are at cybersecurity.
I use Bitwarden, which I’ve been using ever since Lastpass started limiting you to using a single device class (mobile or desktop) for free accounts. It integrates with both Firefox and Chromium-based browsers and with the password manager features in smartphones. Their free account is nice, but I went with the paid option so that I could keep and use 2FA passcodes within Bitwarden itself. There have been several debates between doing it like this versus using a separate authenticator app, but I feel like it’s both very secure and really, really convenient. It encourages me to use increased security on every website that supports it.
KeePassXC here. Locally encrypted, Locally stored, cloud backup of an encrypted file, synced with SyncThing to mobile devices. I will never trust nor recommend a cloud based manager with all the breaches.
Oh yeah, someone, finally :D KeepassXC on PC, KeepassDX on Android, Syncthing for synchronization. I like when my password is just one file, that I can easily backup, not some cloud thing 🙂
Yeah, KeePassXC + SyncThing all day every day. Can’t in good conscience trust someone else with my sensitive data, even if I encrypt it before it gets to their servers. My database is keys-to-the-kingdom level shit.
Same! I’ve got a script that runs weekly to back mine up in 5 different places including a synching folder. No surprises, no losses, and no need to trust anyone else ever with my entire password db.
Bitwarden fan over here. Been using it for a month and I have just 1 complaint; can’t sign into the Android app. Signing in with my mobile browser works though. No idea why the app is being fussy. I’ll contact them about it when I stop being lazy.
Been on bitwarden for 3 years and same. Tried to log into an old account a week or two ago, and realized I hadn’t added it to bitwarden. It was exhausting going through the forgot password bullshit and trying to remember old passwords and stuff. BW makes life better.
Use KeePass, sync the passwords with your preferred service (I use Dropbox), then use another method to transfer and save a key file to use together with your master password.
Anyone not using a password manager is shooting themselves in the foot and often time not realizing till its too late. Along with that sign up for a service that notifies you of data breaches, I think bitwarden has one built in (might only be for subscribing members though) and there is always haveibeenpwned.com
I think it’s both a good thing, and a crutch. I feel the fact that most services are rendered unusable without an account is sad, and with the 100’s of accounts one is expected to have a password manager is sadly needed if you can’t memorize a password or can make passwords with a consistent pass phrase.
Do I use one?
Nope, I have a password system which is good enough for most accounts that’s always more than 7 character long and unique for each account without being lost to me. The only time it has failed as when my work decided to have us change our passwords every quarter, and I ran out of password ideas.
Add comment