• /home/pineapplelover
      link
      fedilink
      101 year ago

      I use Bitwarden and recommended it to all my friends and family. It’s e2ee and you can have them on all your devices, it has autofill, password generators, and username generators. It’s pretty neat.

      I also have some friends who use keepassxc. There are mobile clients out there for it as well but it’s meant as a completely offline password storage.

      • m3adow
        link
        fedilink
        21 year ago

        Keepass files can be synced via Cloud Storage. I keep mine in my Nextcloud account.

      • BrikoX
        link
        fedilink
        31 year ago

        Lack of 3rd party audit. Only KeePass 1.x was audited independently.

      • @[email protected]
        link
        fedilink
        21 year ago

        Less support for KP on Linux. Needs Mono to run. More importantly, AFAIK, it won’t interface with a browser extension (on Linux). So KP is more Windows oriented.

    • Dark Arc
      link
      41 year ago

      I use Bitwarden for passwords, but I think Proton Pass is an honorable mention. It’s possibly more secure, but still new.

      • BrikoX
        link
        fedilink
        41 year ago

        Bitwarden just added support for Argon2id which makes brute forcing (which is impossible at the moment) even harder compared to PBKDF2.

          • BrikoX
            link
            fedilink
            81 year ago

            Harder in a sense that it costs even more resources per try, but current tech is not capable of brute forcing either.

    • thermal_shock
      link
      31 year ago

      1000% bitwarden. LastPass gets breached too often and have bait and switched users that were using the free version. Jump ship if you’re using them, export them and import into bitwarden.

  • @kn33
    link
    211 year ago

    Something to keep in mind is that security isn’t just about preventing attackers from accessing it. If that was the only criteria, then the most secure thing would be a flash drive buried in concrete.

    Security is also about accessibility.

    To that point, I believe the best password manager is subjective. That being said, I’m going to throw out a recommendation for 1Password. If you use it right, it balances security with convenience really well.

    • @DonnieNarco
      link
      11 year ago

      I have been using 1Password for a few years now, coming from LastPass before the whole bait-and-switch thing they did. I love 1Password, but I am curious how it stacks up to BitWarden since everyone in this thread keeps mentioning them.

  • @[email protected]
    link
    fedilink
    111 year ago

    The most secure thing to do would be to host your own server. You can do this with Bitwarden. Remember though that if you lose your server, you lose your passwords. You can also just use Bitwarden and their cloud service. It’s free and open source.

    • Panja
      link
      181 year ago

      The most secure thing to do would be to host your own server.

      That is assuming that you believe you are more secure than say Bitwarden the company, especially if you are hosting publicly.

    • @axzxc1236
      link
      51 year ago

      Or use something like KeePassXC that uses a database file, no internet required (other than downloading software).

    • @[email protected]OP
      link
      fedilink
      11 year ago

      I can’t really host my own server right now (maybe later when i have my own place) and after a bit of research bitwarden is the best free option but somehow it have 3.4 ish rating in my region

  • @pandarisu
    link
    61 year ago

    Depends on your definition of secure.

    A pen and paper can’t be hacked

    • @[email protected]
      link
      fedilink
      English
      21 year ago

      Just thinking out loud. If your paper record is actually QR codes, then you could scan them into your device as you need them. So you wouldn’t have to type some long, complicated sequence by hand.

  • G0FuckThyself
    link
    51 year ago

    KeepassXC should be secure enough, you can even use a hardware key.

  • scytale
    link
    31 year ago

    Keepass. Bitwarden for more convenience.

  • Mewtwo
    link
    fedilink
    31 year ago

    Why should I use bitwarden instead of Google’s password manager?

    • @[email protected]OP
      link
      fedilink
      41 year ago

      I use google password for my not so important account (shitpost account or burnable). Thing to remember, google is an advertisement company

    • DebatableRaccoon
      link
      fedilink
      11 year ago

      Bitwarden has a free tier on their service where you can share passwords with a single person. It’s not much in that regard but it’s all some people need.

  • @[email protected]
    link
    fedilink
    11 year ago

    Any known password manager is a target.

    If you have a Linux PC you can create a partition encrypted with LUKS and save the passwords in txt files. Even this solutions has a small risk because when you open a file it might end up in the cache. But it is still safer than Keepass.

    Downside. It might take a little bit more than few clicks to access to your passwords. But I suspect that the concern over too many clicks is inflated by the big corporations looking to dumb down their users.

  • @[email protected]
    link
    fedilink
    01 year ago

    I like the idea of a locally stored and locally encrypted password manager because when your passwords are on somebody else’s server with 10s of thousands of other people, that server becomes an attractive target for hacks. Who would bother hacking my computer just for one set of passwords?

    But with something hosted, they do (probably, do your research) have professional security experts working to protect their database.

    • @Archpawn
      link
      31 year ago

      I like them being locally encrypted, but them being not (exclusively) locally stored is very important if you want to keep using those accounts after your hard drive fails.

  • @sock
    link
    -11 year ago

    google keep but dont label ur passwords so the hackers cant use them (and neither can u)

  • Vaggumon
    link
    -31 year ago

    Not using one. Anything and everything that is connected to the internet in any way what-so-ever has at the very least some level of insecurity and vulnerability.

    • @[email protected]OP
      link
      fedilink
      21 year ago

      I Used to think like this but having multiple different accounts with multiple different password on different site is tiring. Just for this week i forgot my password on 3 different site which apparently i already change 1 of those site password last week. Now i second guessing myself every time i try to log in on a site