Password Manager

[Guest]

While we're on the subject of hacking (hello, new to the forum, longtime LTT watcher) anyone got a good alternative to Lastpass? I don't mind paying either.

[N0ps32]

Just now, Just Ori said:

While we're on the subject of hacking (hello, new to the forum, longtime LTT watcher) anyone got a good alternative to Lastpass? I don't mind paying either.

Bitwarden

[Spotty]

1 minute ago, Just Ori said:

While we're on the subject of hacking (hello, new to the forum, longtime LTT watcher) anyone got a good alternative to Lastpass? I don't mind paying either.

I've heard good things about Bitwarden, though you might be better off putting a new post in the Programs, Apps, and Websites section asking.

[Itrio]

3 minutes ago, Just Ori said:

While we're on the subject of hacking (hello, new to the forum, longtime LTT watcher) anyone got a good alternative to Lastpass? I don't mind paying either.

I personally use 1Password, but have used BitWarden in the past. There are reasons for both, and I think that the episode of Security Now that covered their switch to Bitwarden covered a lot of those considerations. 

1Password's PBKDF2 iteration count was up'd to 600,000 recently too, so that's good as well.

 

EDIT: @Spotty's recommended section is where I'd go as well

[Guest]

3 minutes ago, N0ps32 said:

Bitwarden

Thank you! Was actually looking at Bitwarden but wanted more opinions on the matter.

[Birblover12]

8 minutes ago, Just Ori said:

While we're on the subject of hacking (hello, new to the forum, longtime LTT watcher) anyone got a good alternative to Lastpass? I don't mind paying either.

I heard that LMG themselves is switching to Keeper, I've heard good things about it. Lastpass used to be good but their Security Breaches mixed with reports of malicious amounts of tracking from them would make one look twice at using them.

 

Bit Warden seems like a very reasonable option too, whatever you choose just make sure to do your due diligence in researching the companies

[pcislocked]

13 minutes ago, Just Ori said:

While we're on the subject of hacking (hello, new to the forum, longtime LTT watcher) anyone got a good alternative to Lastpass? I don't mind paying either.

keepassxc + syncthing for serverless cloud sync. browser integration is a bit ohio-ish but if you import everything right it'll work great.

 

and backup your database to google drive for extra backup (+ maybe encrypt it with 7zip on gdrive for extra security)

[Guest]

3 minutes ago, Birblover12 said:

I heard that LMG themselves is switching to Keeper, I've heard good things about it. Lastpass used to be good but their Security Breaches mixed with reports of malicious amounts of tracking from them would make one look twice at using them.

 

Bit Warden seems like a very reasonable option too, whatever you choose just make sure to do your due diligence in researching the companies

Will do! Thanks!

 

2 minutes ago, pcislocked said:

keepassxc + syncthing for serverless cloud sync. browser integration is a bit ohio-ish but if you import everything right it'll work great.

 

and backup your database to google drive for extra backup (+ maybe encrypt it with 7zip on gdrive for extra security)

 

Already using GDrive for my most important stuff (which is mostly just photos, lmao) Didn't know I could encrypt it directly in GDrive tho.

[pcislocked]

3 minutes ago, Just Ori said:

Will do! Thanks!

 

 

Already using GDrive for my most important stuff (which is mostly just photos, lmao) Didn't know I could encrypt it directly in GDrive tho.

keepassxc works with "database files", you basically open it like any other file and load the database into the program(dont worry its not that manual every time). it can be encrypted by keepassxc using "key files"(another file acting like password basically), or by password, or even by hardware key. so depending on your case you might not encrypt it on gdrive at all.

[Spotty]

> Discussion split off in to its own topic.

@Just Ori You may need to follow the topic to continue to receive notifications for new replies.

[Guest]

1 minute ago, Spotty said:

> Discussion split off in to its own topic.

@Just Ori You may need to follow the topic to continue to receive notifications for new replies.

Thank you! my bad for going off topic in the other thread. I'll be more careful for now on.

[BaidDSB]

gotta ask. why do you guys need password managers anyway? i just checked and i have 230 logins in just one browser. i probably have over 100 more in the rest of my accounts.

 

ON TOP OF THAT i operate and need to remember all my parents Social media and google and banking and any other passwords.

 

so im running 400-500 logins. with about 10 sets of passwords for all 3 of us.

 

 

Is this REALLY that hard to remember? Im almost 28 so its not like im super young with perfect memory.

[NinJake]

I'd say Keepass if you're good about maintaining your own data or Bitwarden if you just want a password manager that works well and is cloud synced. (If you have Keepass loaded on your own personal PC and that PC dies ((and none of that data is backed up anywhere)), all your passwords are gone)

 

Bitwarden for ease of use

Keepass for tigher security (in that it doesn't get saved up in someone else's server like almost all other password managers do)

[Guest]

2 hours ago, BaidDSB said:

Is this REALLY that hard to remember?

Yes, considering I use a different password for every account. I'm logged into many websites, and they're at least 18 characters each (I made them very strong and difficult passwords). It's simply not realistic for me to memorize them all. Right now I have them all saved in a text file that I then put into GDrive, which I realize is also unsafe.

 

Using a password manager, which requires only 1 master password, makes the most sense.

[LIGISTX]

4 hours ago, BaidDSB said:

gotta ask. why do you guys need password managers anyway? i just checked and i have 230 logins in just one browser. i probably have over 100 more in the rest of my accounts.

 

ON TOP OF THAT i operate and need to remember all my parents Social media and google and banking and any other passwords.

 

so im running 400-500 logins. with about 10 sets of passwords for all 3 of us.

 

 

Is this REALLY that hard to remember? Im almost 28 so its not like im super young with perfect memory.

The reason to use a password manager is so if one of those websites is compromised, not all of your logins are compromised. You reduce attack surface to the password manager itself, since every single website will have its own password. Also, just about any human created password is bad… so if you can come up with one very long password, that plus 2 factor authentication locks down your password manager pretty well. Obviously if you are high profile or could be exploited to make a massive profit, people can find ways around this as seen here today (we don’t know what was exploited yet to be fair). 

[Guest]

Alright I decided to go with BitWarden, even got the $10 version.

 

Took me a little bit to figure out how to use it; it's my first password manager but fortunately I got it all figured out and even got the app on my phone now.

 

My final question is this: Where to safely store my master password?

[KaiAurora]

I moved from Lastpass to 1Password due to the lack of encryption on items and the recent hacking.

[BaidDSB]

4 hours ago, Just Ori said:

Alright I decided to go with BitWarden, even got the $10 version.

 

Took me a little bit to figure out how to use it; it's my first password manager but fortunately I got it all figured out and even got the app on my phone now.

 

My final question is this: Where to safely store my master password?

make a separate thread to ask this. this might get lost in the thread

[Stahlmann]

12 hours ago, Just Ori said:

Thank you! Was actually looking at Bitwarden but wanted more opinions on the matter.

Bitwarden is great. I switched over there from LastPass after the recent problems. Bitwarden's free tier offers most of they paid LastPass functionality so that's nice.

[Stahlmann]

6 hours ago, Just Ori said:

Alright I decided to go with BitWarden, even got the $10 version.

 

Took me a little bit to figure out how to use it; it's my first password manager but fortunately I got it all figured out and even got the app on my phone now.

 

My final question is this: Where to safely store my master password?

In your head. Since you only need to remember one password from now on you should be able to remember even a pretty complicated one.

[Guest]

7 hours ago, Stahlmann said:

In your head. Since you only need to remember one password from now on you should be able to remember even a pretty complicated one.

Mmmm nah not good enough for me. I'll find someplace for it.

[dilpickle]

51 minutes ago, Just Ori said:

Mmmm nah not good enough for me. I'll find someplace for it.

 

Its not a good idea to store it electronically. Write it down and hide it someplace no one could ever possibly know about like under the insulation in your attic or some other random hidden place. Putting it in a safe or deposit box is too obvious and you never know when that could be compromised. Ideally you would never need to look at this again because like the guy said the key is to memorize it.

 

Make it so you have to type it in at least once or twice a day so its always fresh in your mind.

 

Also there is an option to have a trusted contact get access if something happens to you.

[undergroundbeef]

1Password gets my vote. It should be getting PassKey support soon as well, which is good. Without a 3rd party password manager to handle PassKeys it started to look like the OS vendors were looking to use that as another form of lock-in.

[Guest]

23 hours ago, dilpickle said:

 

Its not a good idea to store it electronically. Write it down and hide it someplace no one could ever possibly know about like under the insulation in your attic or some other random hidden place. Putting it in a safe or deposit box is too obvious and you never know when that could be compromised. Ideally you would never need to look at this again because like the guy said the key is to memorize it.

 

Make it so you have to type it in at least once or twice a day so its always fresh in your mind.

 

Also there is an option to have a trusted contact get access if something happens to you.

I found a couple of safe spots for it. Memorizing it isn't good enough for me due to actual memory issues (my brain has issues, not going into details).

 

Thanks everyone!

[Metaformed]

Im sure there may be better ones, but I’ve had good experiences with Dropbox Passwords for years.