139
submitted 1 year ago* (last edited 1 year ago) by 001100010010@lemmy.dbzer0.com to c/asklemmy@lemmy.ml

Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I'm done dealing with passwords.

What password manager do you recommend?

Features I’m looking for

-Open Source

-Can be synced to cloud (I don’t want self host)

-Can be accessed via a browser

-Cross platform, the more platforms, the better

-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics

-Autofill for browser and apps

-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)

-Can export the passwords to a file

I never used a password manager before so sorry if I seem like a noob.

I know I could google it, but I want the lastest info, not some outdated reddit post.

Edit: Woah, those replies are fast. I think I'll use Bitwarden. Thanks for recommendations! Now I don't need to worry about forgetting passwords anymore. 😄

Edit 2: It seems I've forgotten my email password as well as a few other accounts I haven't logged into for a while. Damn, should've used a password manager earlier.

top 50 comments
sorted by: hot top controversial new old
[-] gandalftheBlack@lemmy.ml 89 points 1 year ago

Bitwarden is a no brainer. It offers ALL the features that an average user needs in its free plan (which imo all other password managers don't.)

Its also a privacy friendly service which has passed multiple security audits from external entities

[-] onichama@feddit.de 55 points 1 year ago

Yet another vote for Bitwarden. I love that you can access your stuff through a browser without installing anything, I need that sometimes on my work pc where I cannot install anything.

[-] mojo@lemm.ee 34 points 1 year ago

+1 for Bitwarden

[-] miikaroo@lemmy.ml 31 points 1 year ago

Non self-hosted: Bitwarden

Self-hosted: Keepass

Both are open-souce, multi-platform, and free. Bitwarden does have additional paid tiers to include support for things like OTPs. I used to use Keepass but got tired of manually syncing my database; If that's not a problem for you then it's a great choice.

[-] flashgnash@lemm.ee 7 points 1 year ago

Bitwarden supports self hosting doesn't it? There's an option in the UI to specify server

[-] Racle@sopuli.xyz 4 points 1 year ago

Yup, you can selfhost bitwarden and use your own private server to sync between devices.

load more comments (1 replies)
load more comments (4 replies)
[-] teawrecks@sopuli.xyz 29 points 1 year ago

Keepass is

  • open source and free
  • just uses a file, so you can sync it wherever/however you want
  • has a browser plugin with autofill if you're into that
  • is supported on all platforms
  • database lives in an encrypted file that you put wherever you choose
[-] sonstwas@sh.itjust.works 14 points 1 year ago

For syncing I use Syncthing. It's open-source as well and syncs two/multiple devices without the need for cloud-storage

[-] Sarcasthik@lemmy.lif.ovh 29 points 1 year ago

I'll say maybe Bitwarden checks all of that.

load more comments (16 replies)
[-] Trapping5341@lemmy.world 28 points 1 year ago

Another vote for Bitwarden just in case anyone needed one more comment to get them to use it.

load more comments (4 replies)
[-] Gleddified@lemmy.ca 23 points 1 year ago

I don't want to self host

IMO Keepass is not for you then. Bitwarden all day

[-] Candid_Technology_66@lemmy.ml 6 points 1 year ago

But you can sync your database across devices using Syncthing or a cloud storage like MEGA.

load more comments (1 replies)
[-] LoyalOrange503@lemmy.world 22 points 1 year ago

Bitwarden, hands down. been using them for like 7 years now? have got nearly 300 accounts in the password manager, and is fully free. Haven't paid a single penny to them. Autofill is possible, on both android and web browser, although you'll have to set it up through an extension. Fully cross-platform. Used it on Linux, windows, MacOS, IOS, iPadOS, Android. you can access it via a browser, is open source and is hosted by Bitwarden if you want to.

it ticks all your requirements!

[-] Rathernotsay@lemmy.world 5 points 1 year ago

I pay just because I love them and it's under 1$ a month

load more comments (1 replies)
load more comments (1 replies)
[-] techgearwhips@lemmy.world 19 points 1 year ago* (last edited 1 year ago)

KeePass all day. Completely open sourced and free.

I use

KeePassium on iOS

KeePassiumXC on desktop

Keepass2Android (no net) on Android.

All synced via Nextcloud but you can sync via sync thing as well if you don’t want to self cloud host.

[-] Robertej92@lemmy.world 19 points 1 year ago

Guess I'm gonna have to give bitwarden a go, I've used LastPass for years but their quality of service and value for money has plummeted.

[-] Zagorath@aussie.zone 7 points 1 year ago

I used LastPass up until they re-started charging for multiple devices. I was happy to pay LastPass back in like 2013 when they used to charge for multiple devices, but when they decided to bring that charge back in 2022 (or whatever year it was) they were charging an obscenely high amount for it, and frankly the UX wasn't good enough to justify that price. On Android, more often than not I was having to go into the app to copy/paste it, because the native integration just wasn't working.

With Bitwarden I'm back to free, and it works so much better anyway. I never looked back.

load more comments (3 replies)
load more comments (3 replies)
[-] nautical2975@lemmy.ml 14 points 1 year ago

Bitwarden, Psono, Proton Pass. 1Password is not open source but they’re amazing too and most secure because of a layer of protection

load more comments (4 replies)
[-] DoctorWhookah@sh.itjust.works 14 points 1 year ago* (last edited 1 year ago)

*Sees post. Guess I should make sure someone has said Bitwarden.

*Checks comments. Hmm, Bitwarden, Bitwarden, another Bitwarden.

*Good. I don’t need to reply.

[-] Nikki@lemmy.world 6 points 1 year ago

*Replys anyway

Bitwarden ftw!

[-] idle@158436977.xyz 14 points 1 year ago

Bitwarden, bonus points if you self host it. I use the Vaultwarden variation.

[-] paris@lemmy.blahaj.zone 4 points 1 year ago

This is one of the few things I don't want to selfhost, at least right now. If I fuck something up with Vaultwarden or the PC it runs on, I lose access to EVERYTHING all at once. I'd rather offload that risk to Bitwarden's official server.

[-] idle@158436977.xyz 3 points 1 year ago

As long as you are using it on multiple devices you are ok. If the server goes down the app still works. So absolute worst case scenario, you can just export your vaults from your phone, then sign up for Bitwarden and import it.

I periodically take proactive exports every few months and put them on an external hard drive still though.

load more comments (1 replies)
[-] donut4ever@sh.itjust.works 13 points 1 year ago

You've just described bitwarden.

load more comments (2 replies)

I tried bitwarden and others and finally just settled on the firefox password manager. It does everything I need.

[-] Kajika@lemmy.ml 5 points 1 year ago

firefox

For me the firefox password manager is totally fine : I know where the encrypted file is and I can manually back it up and copy to an other computer ($HOME/.mozilla/firefox/[profile folder]/key4.db + logins.json). You can decrypt yourself the file easily too.

[-] bearfootbees@lemmy.ca 5 points 1 year ago

I use Firefox as well. My uneducated concern. I once installed Chrome on my PC for something specific. During the install, it asked if I would like to import my saved logins from Firefox. I thought: "let's see". In fact, it unencrypted the file, and loaded all my passwords. So, my thought is, of someone was to gain access to that file, how hard would it really be to unencrypted it? If chrome can do it as part of their wizard.

Again, feel free to educate me, but that's my concern

load more comments (1 replies)
load more comments (1 replies)
[-] anguo@sh.itjust.works 3 points 1 year ago

My only gripe is having to insert my password every 15min (afaik it's either that or having all your accessible by anyone using your computer). That and the fact that they discontinued the password manager they had on Android. This is what made me move to bitwarden.

load more comments (4 replies)
[-] jrubal1462@mander.xyz 12 points 1 year ago

After 2 years of ignoring the fact that I use a duplicate password in over 100 places, and that password has officially been in breaches, I finally came to terms with the fact that it was time to find a password manager and generate unique passwords. I didn't do a ton of research and ended up with bitwarden. If I opened this thread to see a bunch of people ragging on bitwarden I was prepared to be VERY upset.

[-] ram@lemmy.ramram.ink 10 points 1 year ago

Bitwarden checks all the boxes. I've had great experience with it. https://bitwarden.com/

I will say, auto-fill on load is a bad idea. On desktop I keep my auto-fill bound to a key so it doesn't actually end up in fields it shouldn't be.

2FA is locked behind the $10/year premium if that's something you wanted, but beyond that the free plan has everything 99% of people will use. They do third party security audits, have public white papers, and is completely open source.

load more comments (8 replies)
[-] Christopher@lemm.ee 9 points 1 year ago

One more point on Bitwarden - when the top password managers were being hacked/exploited, Bitwarden was keen to fix what appeared to be vulnerabilities in an extremely timely manner. I don't remember where I read the article but it still fared best out of all the other managers out there.

It may have been ars technica, I don't remember.

[-] Moondance@sh.itjust.works 9 points 1 year ago
load more comments (2 replies)
[-] Maticzpl@programming.dev 9 points 1 year ago

KeepassXC on PC KeepassDX on android Nextcloud for sync

[-] Generator@lemmy.pt 4 points 1 year ago

Same but I use Syncthing instead

load more comments (2 replies)
[-] Jackolantern@lemmy.world 9 points 1 year ago

Bitwarden is ok

[-] foxinabox@lemmy.ml 5 points 1 year ago

I'd say https://keepassxc.org/ covers all of your needs except the "Can be accessed via a browser" (Autofill works fine with a browser plugin)

load more comments (12 replies)
[-] acetone@szmer.info 5 points 1 year ago
[-] smallpanther@lemmy.dbzer0.com 5 points 1 year ago

I've been using Google's password manager mainly for convenience but had been looking to switch for a while, this thread made up my mind to switch to Bitwarden!

[-] Trapping5341@lemmy.world 3 points 1 year ago

Made the same switch in October last year. Glad I made the switch. My work phone is an iphone and I don't generally use personal things on there but I do sometimes and being able to just login to bitwarden and sign into all my stuff is great. At first the switch sucks because my god did I personally have so many accounts but as you go it gets easier and easier. I recommend it to everyone and generally just get weird looks lol

[-] justsayit@lemm.ee 5 points 1 year ago

Plus one for BitWarden for a great low price/free option that’s open source.

1Password if you have a few extra bucks to spend. I find the look and feel to be worth the money despite not being open source.

[-] kamen@lemmy.world 5 points 1 year ago

One vote for BitWarden.

[-] SeaOtter@lemmy.ca 5 points 1 year ago

Thanks for this! I have been using iCloud Keychain for a while and was generally satisfied. However, it wasn’t until I recently switched from desktop Safari to Arc that I considered a third party password manager, but was stuck in decision paralysis.

Given the overwhelming responses in this post, BitWarden it is!

[-] Curious_Canid@lemmy.ca 4 points 1 year ago

I've been using KeePass since the dawn of time. There are now other good options too, but I haven't seen any compelling reason to switch. It does everything I need both securely and well.

[-] theNoob@lemm.ee 3 points 1 year ago

KeePass for me synced to whatever cloud you want. I use DropBox and the Android client has an option for that to save you work

load more comments
view more: next ›
this post was submitted on 11 Jul 2023
139 points (97.9% liked)

Asklemmy

43944 readers
496 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS