Just wondered what people are using for their password management.

I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.

So is it worth the switch? Will I lose out on anything by doing so?

I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.

Just interested in your thoughts and trying to stimulate conversation!

  • @yA3xAKQMbq@lemm.ee
    link
    fedilink
    English
    3
    edit-2
    2 years ago

    Edit: apparently that’s no longer true and I just didn’t notice: https://support.1password.com/autofill-behavior/

    ~I use 1Password, and I’m generally satisfied, but what really really sucks is that it only works with domains, but neither subdomains nor ports.~

    ~So if you’re running your own server that gets annoying extremely fast, because you will have a very long list of suggestions to wade through.~

    With Bitwarden (IIRC) one issue is that you cannot save a password when you’re offline, and – again IIRC – it doesn’t even drop a warning about that.

  • Aielman15
    link
    fedilink
    English
    112 years ago

    I’ve used BitWarden for a few years now and I really like it. I’ve set it up on both my PC and phone browsers, and it does its job well. Never paid anything for it, the free tier is generous enough for casual users like me.

    It being open source sold it for me.

  • Dave
    link
    fedilink
    English
    32 years ago

    Haven’t used Bitwarden, but I’ve heard good things about it.

    Until recently I was using Google Password manager and a half-hearted attempt a “system” for unique passwords. Luckily, I wised up and decided to raise my game… after a bit of research, I went with 1Password, and I’ve been very happy with it.

    The integrations are okay, though not perfect. But the thing that has been most useful for me is the Watchtower stuff that basically gamified my security and forced me to change repeated or insecure passwords. I feel in much better shape now, and feel very confident in 1Password’s encryption model. So, for me at least, it has been worth the money.

    • schmurnanOP
      link
      fedilink
      English
      32 years ago

      Boo, Google! Haha j/k, each to their own 🙂

      1Password has been one of my go-to apps for years now, so I’m clearly happy to pay the $80 a year or whatever it is (I’m a Brit but I think it’s around that price). But it’s very good to know that I can get the exact same (more or less) functionality in Bitwarden for $10 a year. And I have the option to self host on my Docker stack on my NAS should the mood take me.

      I absolutely wholeheartedly agree about Watchtower — that’s a nice little piece of functionality. I saw Bitwarden can check if your passwords have been involved in a data breach, but nowhere near as many little add-ins as Watchtower. It feels like a credit score for your passwords 🙂

  • arthurpizza
    link
    fedilink
    English
    32 years ago

    My work uses 1 Password. It feels relatively safe. They claim that if you don’t have your master key they can’t restore your passwords. Can not ensure the validity of that claim.

    Personally I use Bitwarden and KeePass for my passwords. They are both open source and audited by 3rd parties. I trust them.

    • schmurnanOP
      link
      fedilink
      English
      12 years ago

      I assume Bitwarden is the same in terms of the master password? Again, I can’t say for certain.

      My wife almost lost her 1Password vault due to forgetting her master password. Thankfully we remembered it eventually.

  • Gabadabs
    link
    fedilink
    42 years ago

    I don’t know much about 1Password, but I’ve been using BitWarden for years.
    The autofill feature is nice, but sometimes you’ll have to unlock the vault for it to continue to work, which can be a pain at times. It’s pretty flexible, you can save personal information and cards on top of logins, and it has a password generator built in that I pretty much always use now for making my passwords. It’s not fancy, but it’s really functional, and works on all my devices without issues.

    • schmurnanOP
      link
      fedilink
      English
      32 years ago

      Yeah all similar to 1Password. I think that times out after a week or so, so you have to put your master password in. I like the Apple Watch integration with my Mac so I just double click the Digital Crown most of the time rather than even using Touch ID.

      Sounds like the only thing I’m losing in switching from 1Password to Bitwarden is the ever-so-slightly more polished apps. But functionality-wise… nothing.

  • Asimov's Robot
    link
    fedilink
    English
    72 years ago

    KeePass for me. I manage my own database, don’t rely on clouds and etc.

  • @lackthought@lemmy.sdf.org
    link
    fedilink
    English
    22 years ago

    I just use firefox to remember my passwords

    is there an advantage to switching to some third party app like bitwarden?

    I feel like firefox is good enough and very easy to view/manage my passwords, but open to arguments why others are worth switching to

    • JustEnoughDucks
      link
      fedilink
      English
      22 years ago

      How does it store them though? I thought (this was maybe long ago) they they were stored plaintext on your machine instead of in an encrypted vault like password managers.

      • @lackthought@lemmy.sdf.org
        link
        fedilink
        English
        12 years ago

        I’ll be honest, I have no idea how secure the firefox passwords are stored… maybe I should actually research this some more

        but I would hope Mozilla has a reasonably secure method in place

    • @DAVENP0RT@lemmy.world
      link
      fedilink
      English
      42 years ago

      App fill is a pretty useful feature of most third-party password managers. When I open an app on my phone, it will recognize which login(s) are associated with it and autofill.

      Also, the ability to create and store secure notes has proved invaluable. I don’t want to store things like safe combinations in plain text in my Google Drive.

  • dinckel
    link
    fedilink
    English
    72 years ago

    I’ve been subscribed to 1Password for around 8 years now, and don’t intend to cancel it any time. It’s super convenient, updated frequently, and seems to be audited independently to ensure security too. Just recently they’ve added a few features that make my life as a developer with multiple machines so much easier. OTP on every logged in device too, so I don’t need to constantly migrate the horrible Authy setups, or whatever else people use

    • @einsteinx2@programming.dev
      link
      fedilink
      English
      22 years ago

      Yeah the ssh-agent was something I didn’t know I wanted until they added it. Now it’s so nice not having to generate new ssh keys and update all my severs and VMs every time I set up a new machine, and if/when I need to rotate keys, I only have to update one.