Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I’m done dealing with passwords.
What password manager do you recommend?
Features I’m looking for
-Open Source
-Can be synced to cloud (I don’t want self host)
-Can be accessed via a browser
-Cross platform, the more platforms, the better
-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics
-Autofill for browser and apps
-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)
-Can export the passwords to a file
I never used a password manager before so sorry if I seem like a noob.
I know I could google it, but I want the lastest info, not some outdated reddit post.
Edit: Woah, those replies are fast. I think I’ll use Bitwarden. Thanks for recommendations! Now I don’t need to worry about forgetting passwords anymore. 😄
Edit 2: It seems I’ve forgotten my email password as well as a few other accounts I haven’t logged into for a while. Damn, should’ve used a password manager earlier.
You must log in or register to comment.
I’ve been using keepass for 10+ years now. I store it on a USB that is only connected to the internet when I plug it in.
*Sees post. Guess I should make sure someone has said Bitwarden.
*Checks comments. Hmm, Bitwarden, Bitwarden, another Bitwarden.
*Good. I don’t need to reply.
Non self-hosted: Bitwarden
Self-hosted: Keepass
Both are open-souce, multi-platform, and free. Bitwarden does have additional paid tiers to include support for things like OTPs. I used to use Keepass but got tired of manually syncing my database; If that’s not a problem for you then it’s a great choice.
Bitwarden supports self hosting doesn’t it? There’s an option in the UI to specify server
Yup, you can selfhost bitwarden and use your own private server to sync between devices.
One thing I was always wondering about the OTP feature: If OTPs are used for two-factor authentication but both your password and the OTP can be accessed through Bitwarden, aren’t you effectively sidestepping the two-factor part? I mean if I have the OTPs only on my phone then I need to know the Bitwarden master password and I need to have my phone in order to log in. On the other hand if both are in the Bitwarden vault, I only need to know the Bitwarden password. So effectively two-factor becomes one-factor authentication.
Maybe the relevant scenario here is your credentials for some website getting leaked. With OTPs inside Bitwarden any attacker would still not be able to log in as long as they don’t know your master password, giving you plenty of time to change your password. Although, if the attacker already found a way to access confidential website logins, they can probably access all kinds of other confidential data related to this account without even logging in as you.
KeePass all day. Completely open sourced and free.
I use
KeePassium on iOS
KeePassiumXC on desktop
Keepass2Android (no net) on Android.
All synced via Nextcloud but you can sync via sync thing as well if you don’t want to self cloud host.
I tried bitwarden and others and finally just settled on the firefox password manager. It does everything I need.
My only gripe is having to insert my password every 15min (afaik it’s either that or having all your accessible by anyone using your computer). That and the fact that they discontinued the password manager they had on Android. This is what made me move to bitwarden.
they discontinued the password manager they had on Android
I use it on Android Firefox every day, it syncs my passwords to all my linked firefox instances.
Ah, I was using Firefox Lockwise, which was discontinued, but I see that Firefox itself can act as a password manager now?
By which I mean an auto-fill service
Yes, andiyou can sync between you installs.
It not perfect but it’s enough for me at least.
Yet another vote for Bitwarden. I love that you can access your stuff through a browser without installing anything, I need that sometimes on my work pc where I cannot install anything.
Bitwarden, self hosted.
If I may, what are the requirements to make it self hosted?
[This comment has been deleted by an automated system]
How do you make the sever available via the Internet? Do you host it on a cloud provider (e.g. AWS EC2)? or do you self host on your own bare metal machine?
[This comment has been deleted by an automated system]
any $5 VPS provider will do.
A cheap <$20/year VPS is sufficient to host Vaultwarden. No need to spend several times that. My Vaultwarden installation is only using 120MB RAM, so a 1GB RAM VPS would be more than sufficient. Take a look at RackNerd, HostHatch, GreenCloudVPS, and the other top providers on LowEndTalk. RackNerd’s latest sale has a VPS plan with 1GB RAM and 14GB SSD storage for $11.38/year: https://lowendtalk.com/discussion/186994/boom-boom-4th-of-july-deals-come-come-deals-freebies-by-racknerd, but I’d personally go with the 4GB RAM and 75GB disk for $47.88/year, since self-hosting is addictive and you’ll find plenty of other stuff you want to host.
(I’m not affiliated with any of these companies)
[This comment has been deleted by an automated system]
+1 for Bitwarden here. One day I will go down the self-hosted route.
I have the server, just dont trust myself enough to cut the cord from BW servers.
deleted by creator
I have a cronjob that just does docker pull/stop/rm/run without checking the error codes
Ah, you like living on the edge 😛
I don’t trust automated Docker updates… There can be breaking changes between versions. I don’t want my Docker containers to automatically break themselves :D
[This comment has been deleted by an automated system]
I don’t want to self host
IMO Keepass is not for you then. Bitwarden all day
But you can sync your database across devices using Syncthing or a cloud storage like MEGA.
Keepass + Syncthing is great, works also on phones.
Bitwarden
