Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I’m done dealing with passwords.

What password manager do you recommend?

Features I’m looking for

-Open Source

-Can be synced to cloud (I don’t want self host)

-Can be accessed via a browser

-Cross platform, the more platforms, the better

-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics

-Autofill for browser and apps

-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)

-Can export the passwords to a file

I never used a password manager before so sorry if I seem like a noob.

I know I could google it, but I want the lastest info, not some outdated reddit post.

Edit: Woah, those replies are fast. I think I’ll use Bitwarden. Thanks for recommendations! Now I don’t need to worry about forgetting passwords anymore. 😄

Edit 2: It seems I’ve forgotten my email password as well as a few other accounts I haven’t logged into for a while. Damn, should’ve used a password manager earlier.

  • @ChrislyBear
    link
    English
    9
    edit-2
    1 year ago

    Keepass all the way. Checks all the boxes. Access via browser: If you have a Nextcloud instance, theres a NC-Addon to open kdbx files in the browser.

    re: Bitwarden I tried it and it wasn’t sufficient for me. Is it now possible to also store and generate TOTPs? Can you store SSH keys and retrieve them directly from the password storage?

    • knoland
      link
      fedilink
      9
      edit-2
      1 year ago

      You definitely do not want to generate TOTPs in your password manager. That makes it a single point of failure in the event of a breach.

      • @[email protected]
        link
        fedilink
        31 year ago

        As stated by keepassxc: yes to in the same database results in a single point of failure but the easy and good solution is to store them in a separate database. Definitely more secure that stuff like some authenticator app on the same phone where the otps are used

      • @ChrislyBear
        link
        11 year ago

        You’re right, good point! I’m going to separate the OTPs out of the DB right now. Thanks!