Could anyone give me recommendations for a password manager? Google is basically useless now and I don't know anywhere else to ask. 😅
So far, I've never found one that I trust enough to use. I do understand the importance but I'm extremely, incredibly hesitant to hand over my passwords to a 3rd party program. I'm even more hesitant to use randomly-generated passwords that I can't memorize as a backup.
All that being said, here's what's important to me:
Transparency - public audits, published whitepaper, and/or open source.
Export to a printable format. I don't have reliable backups, so this is a must-have!
Works with desktop & mobile Firefox.
Works on Windows & Linux (I regularly use both).
Works on Android - not critical, but would be really helpful.
Can work offline (I don't trust any sync server to stay online).
For everything else, I'm more flexible. I don't mind paying a small amount for a better / more trustworthy option, either.
Any suggestions, recommendations, or just boosts are appreciated! Thanks so much in advance! 💙
@hazel I migrated from Google Chrome to @bitwarden a couple of months ago. The transition was a little slow because I had a lot of outdated passwords saved & I updated 90+% of them with stronger ones using #BitWarden , but now I’m set. Everything is working very well with plugins to Firefox and an iOS app for auto-fill, and I can generate new passwords fairly easily when needed. Highly recommend 👍
Dare consigli sulla #privacy e sulla #sicurezza digitale significa anche andare incontro alle persone nel punto in cui si trovano, consigliando strumenti familiari e semplici da usare ma con meno traccianti per la riduzione del danno.
Usare #Protonmail, #Brave, #Bitwarden, #LibreY o #Presearch, aiutano le persone ad uscire facilmente da Google, Gmail, Chrome e dal loro gestore password perchè trovano soluzioni complete e affidabili su cui migrare facilmente.
Previously, you had to pay for Bitwarden’s premium plan to add 2FA for your stored logins. Bitwarden is claiming they are the only password manager to now include 2FA logins for free.
As a paying customer, I’ve long been using Bitwarden’s 2FA for logins, a ...continues
Just used my selfhosted #Bitwarden instance to send off a document with banking info. I always appreciate this way of sending secure files to clients and other entities--I can set expiration time, number of accesses before deletion, and of course, a password. It's comforting to know that my file isn't sitting in all its unencrypted glory on a mailserver somewhere that any old company sysadmin can access. (This doesn't stop it from sitting on random people's computers forever, though.)
Ach so, 100 Millionen Venture Capital in #Bitwarden. Muss ich meiner Schwiegermutter demnächst etwa schon wieder einen anderen Passwortmanager an die Backe labern? 🙄
Hey #IT and #InfoSec folks, can you recommend a password manager for organizations that's secure enough to not have a major data breach scandal recently (ideally #FOSS)?
Otherwise #1password
We use #keeper at work and it seems to have a lot of management controls. The only thing I don't like about it (as a user) is the search function.
J'essaie #Proton Pass depuis sa sortie (je suis utilisateur de #bitwarden). De savoir que la compagnie derrière, qui est pourtant réputée pour la protection des données, ait commis une telle erreur avec son extension est décevant.
Proton Pass that store unencrypted data ?? 🙄 #securite
For now five days, #bitwarden developers refuse to realize that the problems with their #Firefox extension is solely due to the transfer from GitHub to addons.mozilla.org. The latest version of the extension on addons.mozilla.org is half the size of the previous ones and of the GitHub version (they should be identical!): https://github.com/bitwarden/clients/issues/6286
Somewhat inspired by @theprivacydad's most recent blog post, here's a list of privacy-friendly software that "just works" about as well as (if not better than) more invasive alternatives, even for the relatively non-tech savvy:
Idea: An #opensource#secrets manager, with a fancy web UI like #Hashicorp#Vault, that can organize secrets by folders and deployment target (dev, staging, prod) and the CLI tool can translate those folders, keys, and values into structured YAML or JSON output in addition to environment variables. Additionally, it can import secrets into new projects with structure YAML/JSON into the format.
Small scoop here: In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.
"...the researchers learned the attackers frequently grouped together victims by sending their cryptocurrencies to the same destination crypto wallet.
By identifying points of overlap in these destination addresses, the researchers were then able to track down and interview new victims. For example, the researchers said their methodology identified a recent multi-million dollar crypto heist victim as an employee at Chainalysis, a blockchain analysis firm that works closely with law enforcement agencies to help track down cybercriminals and money launderers.
Chainalysis confirmed that the employee had suffered a high-dollar cryptocurrency heist late last month, but otherwise declined to comment for this story."
So I learned the hard way to maybe not randomly generate passwords I don't have memorized at all via services like @bitwarden when I need said password to utilize an app to clock into work, because when there's an issue with the password service missing your encryption key that "impacts a small number of users" and turns out I'm one of the lucky few, it definitely makes things difficult.
Still love #Bitwarden and since I began using it in 2017, have never had to check out github bug reports or community boards or the subreddit to see if others are experiencing similar issues (though to be fair, I haven't found anyone talking about the same error I am getting on any of those sites, and I googled a LOT while troubleshooting).
Out of all the things in #HomeAssistant, nothing felt as difficult as getting #Vaultwarden to work the way I think it is supposed to. And it's the same problem as always with Home Assistant: the person sitting in front of the screen not reading #documentation properly. But thanks to the amazing #Hass community, everything works now, and I start to switch from #1Password to #Bitwarden.
❗️Ricordiamo che entro il 24 gennaio 24 dovrete migrare i servizi #bitwarden ed #etherpad
🔓bitwarden.devol.it è il password manager dei devol che è stato già spostato su https://vaultwarden.devol.it vi preghiamo di migrare il vostro account il più presto possibile, cancellare il vecchio acocount e modificare l'URL nelle app & estensioni.
✍️etherpad.devol.it è il servizio di scrittura collaborativo che è stato sostituito da https://etherpadmypads.devol.it su cui potrete migrare tutti i vostri vecchi documenti
An open source project created and managed by Bitwarden for managing secrets written in Rust!! You DEFINITELY got my attention! I love the idea, love the company and love the language. Cannot wait to test it out and maybe contribute.