Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I’m done dealing with passwords.

What password manager do you recommend?

Features I’m looking for

-Open Source

-Can be synced to cloud (I don’t want self host)

-Can be accessed via a browser

-Cross platform, the more platforms, the better

-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics

-Autofill for browser and apps

-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)

-Can export the passwords to a file

I never used a password manager before so sorry if I seem like a noob.

I know I could google it, but I want the lastest info, not some outdated reddit post.

Edit: Woah, those replies are fast. I think I’ll use Bitwarden. Thanks for recommendations! Now I don’t need to worry about forgetting passwords anymore. 😄

Edit 2: It seems I’ve forgotten my email password as well as a few other accounts I haven’t logged into for a while. Damn, should’ve used a password manager earlier.

    • @aloeha
      link
      English
      271 year ago

      I love Bitwarden! The $10/yr subscription is totally worth it too.

      • @[email protected]
        link
        fedilink
        English
        10
        edit-2
        1 year ago

        Can someone sell me on the subscription? I don’t mind paying for it because that’s really cheap but I don’t really understand what exactly it offers. I’ve been using the free version of Bitwarden for years now.

        • Christopher
          link
          fedilink
          English
          41 year ago

          Illl be watching this too - I have bitwarden, managed - but I don’t use a subscription currently.

            • @aJazzyFeel
              link
              English
              41 year ago

              Further: Is there a downside to using Google Authenticator?

                • acqrs
                  link
                  fedilink
                  English
                  21 year ago

                  I’m assuming Google takeout will allow you to export them since Google now backs them up for you, but I haven’t tried.

        • ᗪᗩᗰᑎ
          link
          fedilink
          English
          21 year ago

          I specifically pay them because the money I’m giving them is put (mostly) directly into open source client/server components that benefit everyone at the end of the day, not just myself or the company but “humanity” in general.

          If Bitwarden (the org) disappeared tomorrow, we would all still have access to really high quality software that someone could continue to push forward/develop and I appreciate that confidence and trust that they put forward.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          I personally got it for the reports of duplicated or leaked passwords to make it easier for me to find and update all of my old, bad passwords.

    • @[email protected]
      link
      fedilink
      English
      111 year ago

      Agreed, I’ve been using it for about 6 years after moving from iOS to Android and its great, fits all the points required by OP.

      • @[email protected]
        link
        fedilink
        English
        1
        edit-2
        1 year ago

        I’m using it since doing the opposite and it works great on iOS. Not sure if it was different a while ago but you can set it as your auto fill password manager.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          I was just relying on keychain whilst on iOS and made me realise after migration I needed something that was platform agnostic.

    • stebo
      link
      fedilink
      English
      91 year ago

      Yep I’ve been using it for a while and it’s great. The Firefox extension is a bit broken tho, as it keeps asking to save passwords which are already saved and there’s no way to turn it off.

    • Christov
      link
      English
      71 year ago

      Another +1 for bitwarden, been using it for years without sub but I could see it being worth it.

    • HSL
      link
      fedilink
      English
      61 year ago

      Bitwarden definitely checks all of that.

    • @[email protected]
      link
      fedilink
      English
      21 year ago

      Also been using this for several years and can concur, simple, easy-to-use, never let me down.

    • Alethe Crow
      link
      fedilink
      English
      11 year ago

      Throwing in for Bitwarden. Works across all my devices and I’m only using the free version.

  • @[email protected]
    link
    fedilink
    English
    891 year ago

    Bitwarden is a no brainer. It offers ALL the features that an average user needs in its free plan (which imo all other password managers don’t.)

    Its also a privacy friendly service which has passed multiple security audits from external entities

    • @odbod
      link
      English
      111 year ago

      This.

      Bitwarden.

      All day; everyday.

      • @NPC
        link
        English
        5
        edit-2
        1 year ago

        deleted by creator

  • Ram
    link
    fedilink
    English
    611 year ago

    Bitwarden checks all the boxes. I’ve had great experience with it. https://bitwarden.com/

    I will say, auto-fill on load is a bad idea. On desktop I keep my auto-fill bound to a key so it doesn’t actually end up in fields it shouldn’t be.

    2FA is locked behind the $10/year premium if that’s something you wanted, but beyond that the free plan has everything 99% of people will use. They do third party security audits, have public white papers, and is completely open source.

    • @hinterlufer
      link
      English
      131 year ago

      Email and TOTP 2FA options are available in the free version, YubiKey, FIDO2 and Duo options are only available in the 10$/year premium option.

      • @[email protected]
        link
        fedilink
        English
        151 year ago

        I’m sure they meant TOTP 2FA for the accounts saved in Bitwarden, not for the Bitwarden login itself.

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        I’ve been curious about a Yubikey like option for a bit now. Would you recommend one and if so which type?

        • @[email protected]
          link
          fedilink
          English
          21 year ago

          Get a Yubikey that supports Webauthn and FIDO2. It’s the future of two-factor authentication on the web. At work we use the YubiKey 5C Nano, but I think the entire Yubikey 5 series supports Webauthn.

    • @[email protected]
      link
      fedilink
      English
      3
      edit-2
      1 year ago

      Bitwarden only autofills if the page’s URL is the same as the account in your vault. So it actually helps you make sure that you aren’t putting your info into a phishing site or something

      although, I’m pretty sure autofill is disabled by default anyway?

      • Ram
        link
        fedilink
        English
        31 year ago

        Bitwarden only autofills if the page’s URL is the same as the account in your vault. So it actually helps you make sure that you aren’t putting your info into a phishing site or something

        This is true, though wasn’t my concern. My concern is that it (and other PW managers ofc) can sometimes fill in fields its not supposed to, and you end up accidentally including a username or password in a GET header.

        although, I’m pretty sure autofill is disabled by default anyway?

        Auto-fill on page-load is, yes.

    • Dusk
      link
      English
      11 year ago

      Is there much benefit to having access to the 2FA option if I already use RAIVO for 2FA codes.

  • @[email protected]
    link
    fedilink
    English
    581 year ago

    Yet another vote for Bitwarden. I love that you can access your stuff through a browser without installing anything, I need that sometimes on my work pc where I cannot install anything.

  • @LoyalOrange503
    link
    English
    571 year ago

    Bitwarden, hands down. been using them for like 7 years now? have got nearly 300 accounts in the password manager, and is fully free. Haven’t paid a single penny to them. Autofill is possible, on both android and web browser, although you’ll have to set it up through an extension. Fully cross-platform. Used it on Linux, windows, MacOS, IOS, iPadOS, Android. you can access it via a browser, is open source and is hosted by Bitwarden if you want to.

    it ticks all your requirements!

    • @Concept1037
      link
      English
      121 year ago

      Bitwarden is great. If OP wants they can self host it via Vaultwarden which I’m using. It works perfectly.

    • @Rathernotsay
      link
      English
      91 year ago

      I pay just because I love them and it’s under 1$ a month

      • @LoyalOrange503
        link
        English
        21 year ago

        I would love to, but I’m a bit tight with cash atm. I’ve been meaning to pay the 10-11 quid a year plan just to support them. They’ve given so much to me and I haven’t given anything back :(

  • @[email protected]
    link
    fedilink
    English
    56
    edit-2
    1 year ago

    *Sees post. Guess I should make sure someone has said Bitwarden.

    *Checks comments. Hmm, Bitwarden, Bitwarden, another Bitwarden.

    *Good. I don’t need to reply.

    • @Nikki
      link
      English
      211 year ago

      *Replys anyway

      Bitwarden ftw!

    • @[email protected]
      link
      fedilink
      English
      20
      edit-2
      1 year ago

      KeepassXC with a browser plugin on the desktop and Keepass2Android on the smartphone. The password files are synced over my self-hosted Nextcloud and backed up to OneDrive. I couldn’t be happier with this setup.

    • @sirnak
      link
      English
      111 year ago

      Happy KeepassXC User reporting and there actually is a browser plugin that works flawlessly.

    • korok
      link
      fedilink
      English
      11 year ago

      How is the OSX and iOS support for Keepass nowadays? Are there desktop and browser clients for OSX, and what’s the autofill situation like?

      Keepass was the first password manager I used and I really liked it, but I had to switch when I started using Apple devices for work a few years back, and the lack of platform support there was a nonstarter.

    • quortez
      link
      fedilink
      -11 year ago

      I would be happier with KeePass if the Android situation wasn’t so bad. The most reliable app still uses UI elements from goddamn Froyo and the more sleek, modern, auto fill aware app can’t deal with cloud sync to save its life. I hate it here.

        • quortez
          link
          fedilink
          11 year ago

          KeepassDX is the modern one I’m referring to. Because of the whole Android 11 SAF/scoped storage issue, syncing to databases and clouds that use DocumentsUI (the special folders you see when your Files manager window opens) fails all the time. I’ve repeatedly lost data due to KDX not properly saving or syncing, causing file conflicts and the passwords I literally just saved to vanish the next time I unlock the database.

          The developer’s response is that it’s everyone else’s fault that their apps’ SAF implementation is bad, not KDX.

          I absolutely cannot recommend using it.

            • quortez
              link
              fedilink
              11 year ago

              I’ve had it fail with most SAF locations I tried after Android 11, especially pCloud. After the database locks and KDX leaves the RAM, it often cannot find the database it literally just saved, and will often just generate a merge conflict to the location it attempted to save. As a result, after you unlock once, it can no longer unlock the database and you have to bring up DocumentsUI again.

              • @[email protected]
                link
                fedilink
                21 year ago

                You know, I did have this problem like a year ago. Except, it was a problem with saving the database. I don’t know what happened but haven’t faced it in a long time now.

  • Christopher
    link
    fedilink
    English
    441 year ago

    One more point on Bitwarden - when the top password managers were being hacked/exploited, Bitwarden was keen to fix what appeared to be vulnerabilities in an extremely timely manner. I don’t remember where I read the article but it still fared best out of all the other managers out there.

    It may have been ars technica, I don’t remember.

    • @[email protected]
      link
      fedilink
      English
      51 year ago

      This is one of the few things I don’t want to selfhost, at least right now. If I fuck something up with Vaultwarden or the PC it runs on, I lose access to EVERYTHING all at once. I’d rather offload that risk to Bitwarden’s official server.

      • @[email protected]
        link
        fedilink
        English
        31 year ago

        Backups is the keyword. I run Vaultwarden on my internal network, the data gets backed up to an external hard drive, borgbase and another remote machine using borg backup. I also stored the passphrases for these backups in a KeePass database (that is backed up elsewhere). I don’t think I need to worry about data loss. Plus - if the Server is not reachable the synced devices should still have access to the passwords.

      • @[email protected]
        link
        fedilink
        English
        31 year ago

        As long as you are using it on multiple devices you are ok. If the server goes down the app still works. So absolute worst case scenario, you can just export your vaults from your phone, then sign up for Bitwarden and import it.

        I periodically take proactive exports every few months and put them on an external hard drive still though.

  • @Robertej92
    link
    English
    361 year ago

    Guess I’m gonna have to give bitwarden a go, I’ve used LastPass for years but their quality of service and value for money has plummeted.

    • Zagorath
      link
      fedilink
      English
      101 year ago

      I used LastPass up until they re-started charging for multiple devices. I was happy to pay LastPass back in like 2013 when they used to charge for multiple devices, but when they decided to bring that charge back in 2022 (or whatever year it was) they were charging an obscenely high amount for it, and frankly the UX wasn’t good enough to justify that price. On Android, more often than not I was having to go into the app to copy/paste it, because the native integration just wasn’t working.

      With Bitwarden I’m back to free, and it works so much better anyway. I never looked back.

    • boletus
      link
      fedilink
      English
      81 year ago

      Been using Bitwarden for a long time. Secure, easy to use and never had any problems with it.

    • @Selmafudd
      link
      English
      21 year ago

      Brah I’ve seen so many of these post asking what password manager people use and the comments filled with bitwarden replies… it could just be lots of people really interested in password managers use Lemmy or bitwarden is astroturfing. One of these seems more likely