thank you.

  • @[email protected]
    link
    fedilink
    1311 year ago

    Bitwarden. It’s free, open-srouce, you can even self-host your own instance… or pay 10$/year! for the full support. The free version has everything you will ever need.

    • Cralder
      link
      fedilink
      491 year ago

      The price for the premium is fucking crazy. 10$ a fucking YEAR?? Not month but YEAR!? What features do you get? Actually I don’t care about the features just take my money that’s cheap as shit

      • ikiru
        link
        fedilink
        531 year ago

        I have premium and I have no idea. I just pay it to support them.

        It’s an excellent password manager. I love it!

      • sarjalim
        link
        fedilink
        16
        edit-2
        1 year ago

        I pay for Bitwarden premium and the big thing for me is the ability to use it for 2FA/TOTP right from the browser extension (for sites where I feel convenience mostly trumps hardened security). It’s glorious that Bitwarden autofills username and password, and then auto-copies the current 2FA code to your clipboard so you can just paste it immediately, instead of needing to pull up your phone and authenticator app to fetch a code, or check your email/texts for a code.

        • pjhenry1216
          link
          fedilink
          91 year ago

          Proton has a similar feature (not sure if it’s part of free or premium as I subscribed for proton ultimate so it just came with Proton Pass). It’s honestly crazy how nice having TOTP right in the extension for the account’s entry in the manager.

          Also, I realize this is like the third time I’ve made a comment about Proton, so I’m probably gonna stop before folks think I’m like a shill or something.

          • TheLastOfHisName
            link
            fedilink
            91 year ago

            It’s not shilling if you genuinely believe in it. I use Proton’s services as well. Love that company.

        • @[email protected]
          link
          fedilink
          21 year ago

          Oh fuck yeah, I forgot about this. No need to pull my cellphone anymore, all the 2FA gets automatically filled after entering password. That’s magic.

      • LUHG
        link
        121 year ago

        It’s so good that people think we are paid to promote it. Kinda sad that really. It’s pretty evident that we aren’t shills. Use my code: shill20

      • Amju Wolf
        link
        fedilink
        English
        11
        edit-2
        1 year ago

        It’s insane to think that people think of that as cheap. It’s … adequate. Clearly enough to run a company that can support it and further develop it, all the infrastructure, etc. Somehow all other companies convinced us that it should be okay to pay $10 per month or more for the most basic of services, where until now their revenue per user was maybe $0.5/month for the biggest users (ad watchers).

        $10 per year is what the vast majority of subscriptions should cost - they’d still make plenty of money, but it’s just not enough for them when they know they can nickle and dime you for more.

      • kittykabal
        link
        fedilink
        61 year ago

        the big feature i use from premium is the ability to use hardware 2fa. i use a Yubikey to secure it further. worth the peace of mind imo, and Bitwarden has never once failed me in the years i’ve been using it!

      • @[email protected]
        link
        fedilink
        31 year ago

        I know of MFA being allowed on it when you go premium, and I think it allows a collection, so you can have a shared collection of passwords with someone else. It’s been really handy for my wife and I, especially for things like bank and apartment logins.

        • LUHG
          link
          21 year ago

          Shared OTP is amazing

      • @[email protected]
        link
        fedilink
        3
        edit-2
        1 year ago

        You can share passwords with other people, you get 1gb of attachments space disk (to store important documents, recovery keys, crypto wallet, etc), you have access to many reports that will tell you what password might have leaked, weak password and whatnot.

      • @[email protected]
        link
        fedilink
        11 year ago

        You can store attachments and, I think, more sharing feature? Honestly, I too pay to support them.

    • @[email protected]
      link
      fedilink
      English
      1
      edit-2
      1 year ago

      If you’re like me and your work uses Bitwarden, your personal family accounts are free too. And unconnected to the business account of course.

  • @[email protected]
    link
    fedilink
    591 year ago

    The Firefox password manager can be secured with a master password that encrypts everything in your browser password store. Believe it’s pretty secure if you set this password otherwise it’s almost akin to having passwords stored in plain text.

    +1 for bitwarden

    • @[email protected]
      link
      fedilink
      21
      edit-2
      1 year ago

      It’s encrypted over Firefox Sync though, regardless of if you set a master password.

      The master password is only needed if you don’t have complete physical security (or your machine is hacked)

      Curious if OP was more interested in how secure the Sync feature is vs the manager itself. Sync requires trusting that Mozilla aren’t the bad guys.

  • Sandbag
    link
    411 year ago

    I wouldn’t use any browser password manager, last time I even looked at one they were saving my passwords in plaintext!

    Bitwarden, one pass, keepass, basically anything other than LastPass should be good!

    • ares35
      link
      fedilink
      101 year ago

      without a master password, firefox just uses a simple scheme it can reverse. if you use a master password, though, then that password is needed.

      chromium browsers now use windows credentials, if you have no password on a local windows account, then none is needed to extract the passwords from the browser. .

    • @Risus_Nex
      link
      4
      edit-2
      1 year ago

      It seems I’m not up-to-date. What’s wrong with LastPass?

      Edit: nevermind. I just googled it. [https://www.notebookcheck.com/Ist-LastPass-noch-sicher-Experten-kritisieren-den-Passwortmanager.677484.0.html)(url) Here is an article about it (in German), for anyone else wondering.

      Seems like I will have to find a way to move my vault to another password manager. I hope I can find a way of doing this safely without needing to do that manually… So I am grateful for any advice!

    • @[email protected]OP
      link
      fedilink
      31 year ago

      thank you for the rec! a small doubt even though they are in plaintext, when the hackers can’t log in aren’t they safe tho or is it easy to hack?

      • @[email protected]
        link
        fedilink
        21 year ago

        Most viruses now start off by scooping up all saved browser passwords automatically then sending them to a remote server. So if one of those ever goes off on your system you are at quite a risk. Especially since there are really good other options that aren’t vulnerable to that

  • 𝒍𝒆𝒎𝒂𝒏𝒏
    link
    fedilink
    371 year ago

    IMO yes. It’s stored encrypted on their sync service, and you can additionally encrypt it locally too by setting a master password in FF settings.

    Didn’t notice any mention that you can actually self host Firefox’s browser sync service yourself. Personally haven’t tried, but IIRC there’s setup docs on Mozilla’s github

  • LUHG
    link
    361 year ago

    Just bitwarden is all that’s needed to be said. Ohh, and yubikey

    • @[email protected]
      link
      fedilink
      English
      31 year ago

      I use Bitwarden and, though all the features are very nice (self hosted Vaultwarden), the clients are really bad. The autofill is super inconsistent on Android. The app takes 20s+ to load on my Pixel 3a. You can’t trigger a sync from the quick autofill menu, you have to open the full app. The “desktop app” is just an embedded browser. I really want to like it, but it doesn’t make it easy.

      • @[email protected]
        link
        fedilink
        41 year ago

        The Firefox add-on works great, and I’ve never really needed more than that and the website. On Android I have a 3a too and not noticed this issue.

      • @[email protected]
        link
        fedilink
        11 year ago

        Not sure what you mean about no autofill on android, it definitely pops up on login fields for me and quickly lets me login with biometrics and then gives me my account. I only ever need to open up the app when I need to force it to sync if I’d just added a login on a different device and it hasn’t synced yet.

      • LUHG
        link
        11 year ago

        I agree with most of your points although the android app is fast for me. The autofill isn’t great I must stress.

        The windows app and autofill need an overhaul.

  • @cani
    link
    English
    24
    edit-2
    1 year ago

    deleted by creator

  • @cheese_greater
    link
    English
    181 year ago

    Broswer != password manager. Will this notion please fucking die

  • callyral
    link
    fedilink
    181 year ago

    I personally switched from it to Keepass, it is cross-platform, open-source and pretty secure. It doesn’t come with cloud support, but I guess you could just put the file in some sort of cloud storage you trust. It also supports one-time authentication codes!

    • @[email protected]
      link
      fedilink
      111 year ago

      I’ve been using keepass for years. I use syncthing to keep the copy of the db on my phone and laptop and backup synced.

    • @[email protected]
      link
      fedilink
      4
      edit-2
      1 year ago

      The big downside of this is when you need to log in to some web site when being away from your computer.

      Then you have to transfer your entire database to some other computer and make sure it’s deleted afterwards in a secure way. Much more risky than using Bitwarden I believe.

      I guess you can skip the deletion part if you trust there is no way to decrypt the db file in the future.

      • Rootiest
        link
        fedilink
        English
        11 year ago

        On the rare occasion I need that, I just run KeePassDX Portable from a flash drive.

        But really it’s a bit risky to use any password manager on a device you don’t control.

        At least my KeePass database is secured with my YubiKey so it’s not likely anyone will get in if they do stumble onto my DB file.

    • feugnis
      link
      fedilink
      English
      21 year ago

      I tried keepass but then switched to vaultwarden.

  • nicman24
    link
    fedilink
    12
    edit-2
    1 year ago

    Mozilla is one of the like 3 companies (thought the foundation is non profit) that I would trust my encrypted data with

  • @NabeGewell
    link
    English
    121 year ago

    Well it’s better than Chrome’s if you don’t sync to your account, however I’d recommend you local password manager such as keepass

  • Deanne
    link
    fedilink
    111 year ago

    it’s pretty safe but bitwarden is much better

  • merrick
    link
    fedilink
    English
    111 year ago

    I don’t recommend using any browser’s in built manager. Look into Bitwarden or KeePassXC.

  • 520
    link
    fedilink
    101 year ago

    Keepass has what you’re looking for. Free, totally cross platform, no cloud unless you wanna put the database file on cloud storage, and can be very secure.