2023 was a record-breaking year for cybersecurity in a bad way. Ransomware payments hit a record high of $1.1 billion, which is likely to…
You must log in or register to comment.
My favorites:
- Proton Pass
- Pros: Aliases, Proton integration
- Cons: No passkeys (yet), native desktop apps in beta
- 1Password
- Pros: SHH agent integration!
- Cons: Least open
- Bitwarden
- Pros: Most open, self hosting option
- Cons: least polished user experience
Proton Pass Pros: Aliases,
1Password technically does have aliases too but it requires a fastmail.com subscription. I use it and it works quite well though.
1Password supports passkeys btw. With aliases via Fastmail.
- Proton Pass
I love Dashlane, someone tell me why it’s bad.
I know they recently published the code for their clients, so that’s a plus. But I can’t find any independent audits for their architecture or clients.
While all mentioned options does have independent audits done.
Aslo more expensive than Bitwarden for example, should u want to pay for premium.
Dashlane’s app experience across platforms was hit and miss for me. 1Password has been much better.
Is Keepass there? Good. Upvote.
Prefer KeepassXC but let’s be honest, the best password manager is the only you actually use and keep using.
Prefer KeepassXC
Why? Keepass has lots of plugins and XC doesn’t, right?
KeepassXC looks better IMO. Also I like that hardware keys work without plugins. Personally I still use KeePass for one feature that XC doesn’t offer.
I like KeePassXC because it’s written in C and is thus cross platform, while KeePass is written in C# and relies on Windows UI libraries. You can run KeePass on Linux (and I did without usability issue for years) but it will look god awful.
I won’t knock plugins, everyone has weird use cases, but I don’t know what people need KeePass to do that it doesn’t already do out of the box. I’ve certainly never felt the need for any.
And that doesn’t get hacked!
Everything gets hacked given enough time. Just not everyone says they were hacked or realised they were.
I would only use KeepassXC
I use Passy because I like the purple UI lmao
Keepass + Syncthing is a great combination.
And with Syncthing’s Untrusted Device Encryption feature I can use my VPS as an extra node for synchronization without worrying touch if it becomes compromised without me knowing.
the file is already encrypted so you aren’t getting much more security
I also sync other stuff, so it’s useful anyway.
And it hides file names and sizes by splitting things up, which puts one extra layer of difficulty for someone trying to find my passwords file to target. I have a much stronger password on the syncthing directory than my normal type-each-time password to open keepassxc.
+1 For KeepassXC, I use it in combination with syncthing to have my passwords available on all devices.
Nextcloud syncs my KeepassXC safe.
Syncthing for me, but Nextcloud has its advantages too.
Been using that same setup and very happy with it.
Same for me
I use keepass with my database on onedrive.
Then i connect every device to said onedrive account, copy the private key manually on each device that i need to use.
I secure my databse with said private key + a passphrase.
Might not be the best setup, but i feel like with passphrase+key i am secure enough to have the db file in the cloud.
you could encrypt onedrive with cryptomator
I’d also put Passbolt on the list, it’s not that well known, but it’s really great. I selfhost it on my home server and I’m very happy with it.
Microsoft Excel file
OneNote page
😱
Post-it notes on the monitor.
Under the keyboard for added security.
That’s terrible practice
Yeah they should be using Office 365 or Google drive.
How about a password manager
Technically Excel and 365 and Google sheets can be a password manager.
My point is shouldn’t be used as a password manager
But during game time, best possible choice.
No, I’m pretty sure it is very much not
No mention of Enpass? Stores more than just passwords, can be synced locally over wifi or in the cloud without using Enpass servers.
It’s not open source and they haven’t had a security audit in a while AFAIK, I used to use it too but migrated to Proton Pass for these reasons https://discussion.enpass.io/index.php?/topic/404-security-audit/page/6/
Been using Enpass for something like a decade and it’s been perfect. One time licenses can be found on stacksocial, I think.
I really enjoy 1Password for easy vault sharing between family members. I was able to get my (not so technically literate) siblings and dad onto my family plan. Baby steps!
KeePassXC my beloved
Any options on StrongBox? It seems like a good option but they don’t quite have the reputation that others have, despite being around since 2017.
StrongBox is just a client that uses keepass databases. I think it integrates well when using Apple devices and you can still use your databases on other platforms.
Ah thanks. Ya it’s Apple only but I like how it doesn’t sync to a central server but will still sync between your devices across your local network. Seems to minimize a lot of attack surface.
Strongbox is great, but expensive. I settled on KeePassium instead mostly based on cost.
It’s only $20 a year or $80 for life. I feel like that’s a fair price to support the developers.
It’s not unfair, but for my use case there are cheaper or free alternatives that work really well.
And I’m Canadian so it’s a bit more than that dollar wise.
That’s a fair point.
Still using KeepassXC on desktop and laptop and KeePassDX on mobile.
This is exactly my setup. How did you know? LOL.
I could say I know because i’m an elite haxxor but it would be a lie. I’m not even at script kiddie level.
File synchronized with Syncthing? :)
I’ve thought about it, but for now at least I just use a USB flash drive to keep the file synchronized.
KeepassXC & Syncthing
And I do keepassdx on Android, with a (phone-specific) database synced with syncthing
P.S. syncthing is fantastic: I hope more people consider hosting discovery servers and especially relays
Syncthing is so good!
