Just wondered what people are using for their password management.

I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.

So is it worth the switch? Will I lose out on anything by doing so?

I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.

Just interested in your thoughts and trying to stimulate conversation!

        • FarLine99@lemm.ee
          2 years ago

          I feel way more comfortable with having this one file than relying on some cloud-someone-computer thing. And experience is smooth thanks to Syncthing.

    • protput@lemmy.world
      2 years ago

      Jup bitwarden is pretty awesome! I use a self hosted vaultwarden. You can link it with the bitwarden browser extensions.

    • BaumGeist@lemmy.ml
      2 years ago

      FYI privacytools[.]io has long been commandeered by the BDFL who apparently accepts—how do I put this impartially?—financial incentives for supporting specific software.

      Privacyguides.org is the version maintained by the original privacytools team that have been doing the lion’s share of the work since 2019.

      • flurry@lemmy.world
        2 years ago

        There’s a huge drama between privacytools and privacyguide, I’m not sure anyone here can tell what happened internally after reading both sides of the story.

        Yes privacy tools accept sponsoring but it should be transparent about it? It was the case before, I’m not using the site anymore so idk if things have changed in a bad way I’m sorry I promoted it.

    • WhoisJohnGalt@lemmy.world
      2 years ago

      Question for you since you mentioned how it’s integrated with all your devices. I currently do not use a PW manager (I know, shame on me). Let’s say I get bitwarden, do I need to go back and change every password on every website to the bitwarden-generated password?

      It just seems like I’m “In too deep” in a way where it’ll be a pain in the ass to set up.

      • else@lemmy.fmhy.ml
        2 years ago

        When I switched to bitwarden I updated my password to a more secure (bitwarden-generated) password each time I logged into a site and stored it on bitwarden. Painless. That’s how I got better passwords across the board and incrementally moved over to bitwarden.

      • BaumGeist@lemmy.ml
        2 years ago

        Are you forced to? No. Should you anyway? Yes. I did what @else@lemmy.fmhy.ml said: just change them when you log in. That way it doesn’t feel like a grand undertaking, and you still end up with extremely secure passwords that you don’t have to remember.

        Also, I recommend generating your master password. If my senior mom staring down the barrel of Alzheimer’s can remember a 12-digit string of random characters (after emptying out all the space wasted by a few dozen passwords), you can too.

      • flurry@lemmy.world
        2 years ago

        If you have stored your credentials in your browser, you can export them to Bitwarden. It’s fairly easy and will save you a lot of time.

        The point of using Bitwarden (or any password manager) is that you have no idea what your password is. From a security pov you « should » update your credentials but no need to rush, one step at a time 👍🏼

        • DeriHunter@lemmy.world
          2 years ago

          I started using bitwarden half a year ago and this is what I did. But once again moved, I figured it’s worth nothing if I have weak and shared passwords across apps and sites. So eagerly I changed all the passwords on accounts that hold my financing details (bank, google, PayPal, etc…) and then lazily, every time I had to go to a site like lemmy for instance I changed it on the way.

  • NekuSoul@lemmy.nekusoul.de
    2 years ago

    I’m using a combination of KeePassXC on Windows/Linux, KeePass2Android and Syncthing for database synchronization, plus a Yubikey for 2FA. Granted, it’s not a setup I’d recommend towards non-tech people, but it would take a lot before I’d switch:

    • Works completely local, so I never have to worry about being locked out for any reason.
    • Despite that, I still get the benefits of online synchronization through Syncthing.
    • KeePassXC has by far the most powerful autotype functionality, which is a big timesaver since I often need to type passwords into non-browser windows.

    The last point in particular was a dealbreaker when trying out Bitwarden/Vaultwarden a few years ago.

  • lackthought@lemmy.sdf.org
    2 years ago

    I just use firefox to remember my passwords

    is there an advantage to switching to some third party app like bitwarden?

    I feel like firefox is good enough and very easy to view/manage my passwords, but open to arguments why others are worth switching to

    • JustEnoughDucks@feddit.nl
      2 years ago

      How does it store them though? I thought (this was maybe long ago) that they were stored plaintext on your machine instead of in an encrypted vault like password managers.

      • lackthought@lemmy.sdf.org
        2 years ago

        I’ll be honest, I have no idea how securely the firefox passwords are stored… maybe I should actually research this some more

        but I would hope Mozilla has a reasonably secure method in place

    • DAVENP0RT@lemmy.world
      2 years ago

      App fill is a pretty useful feature of most third-party password managers. When I open an app on my phone, it will recognize which login(s) are associated with it and autofill.

      Also, the ability to create and store secure notes has proved invaluable. I don’t want to store things like safe combinations in plain text in my Google Drive.

  • SkaveRat@discuss.tchncs.de
    2 years ago

    Bitwarden.

    I used to have 1PW, but their browser plugin just completely stopped working for me (and a lot of others).

    Then I switched to BW. It has so much better UI, plugins and apps. Oh and it’s cheaper.

    And if you want, you can host it yourself

  • Yota@lemmy.sdf.org
    2 years ago

    I was using Bitwarden for a few years, it is a great option. Once you’ve adjusted your workflow over to it I doubt you’d miss 1pass.

    I recently switched to Proton Pass as I’ve moved over to their ecosystem, it’s still pretty early days and it’s got its problems but I am finding it reliable so far.

  • schmurnan@lemmy.world (OP)
    2 years ago

    You’re all awesome. So much feedback for me to work with.

    I’d say the vast majority are recommending Bitwarden (or Vaultwarden should I want to self host), with lots of shoutouts for 1Password as well. Honourable mentions for KeePass as well as a few others.

    I’ll continue to run Bitwarden in parallel to 1Password for a little while longer to see if I prefer one over the other. I’ll definitely look into self hosting it as well, although I don’t currently have a domain name so would either have to get one or do the slightly more convoluted method of getting self-signed certificates.

    Thanks all for taking the time to indulge me — very much appreciated.

  • verysoft@kbin.social
    2 years ago

    There’s no point switching if you are using either of these two, so I’d just keep 1Password.

    • schmurnan@lemmy.world (OP)
      2 years ago

      I guess one is considerably cheaper than the other, so there’s that.

      But yeah, other than that, no real reason to switch if there is parity on the functionality.

      • verysoft@kbin.social
        2 years ago

        Barely for a family subscription that they are using, I think 1Password is worth the extra for the polish it has and their support. I suppose if you had a family of 6 then Bitwarden gets a lot more value back as I believe 1Password’s is only 5 members included and $1 for extra beyond that.