Android

As other have said: Bitwarden.

Once you taste it, you can't go back.

KeePass with Keepass2Android on my phone with the vault synced via Dropbox. Use biometrics to access both apps. I also use Secure Password Generator on Firefox to get passwords + several options in KeePass (readable passphrase, diceware, etc.)

I switched from LastPass to Bitwarden. I think they're great, being able to use a strong bespoke password for every service along with one nuclear missile arming grade password plus 2FA for the manager itself.

LastPass -> Enpass -> BitWarden

Tried KeePass (on Windows), 1Password and pass before settling with BitWarden.

Im using KeepassXC and sync it with Nextcloud

I like the simplicity of password-store. It's just a simple wrapper around a text editor, gpg, and git that allows you to make an encrypted, version controlled password repository that you can sync between devices using GitHub/Gitlab/etc. It also doesn't lock you in to any app since the passwords are just stored in gpg-encrypted files.

As with most things security it's about assessing your risk.

If you're a granny with a hand full of passwords then a notebook is probably fine.

I think for most people, who aren't CEOs, high value employees, or some kind of holder of the keys to a kingdom beyond their personal bank account, a solid full e2ee password manager that's cloud synced is a nice middle ground of security vs convenience. It beats a post it under keyboard or a notebook left on the night stand.

For those CEOs, or high value employees then something offline is in order. Or as I've seen others note perhaps a combo of full offline and cloud synced for less important logins.

I recommend Bitwarden as others have here. It seems to be the one that's come through unscathed thus far and the company behind it seems to be making the right moves to stay ahead of risks. https://bitwarden.com/help/is-bitwarden-audited/

I don't know if this totally credible or not, but I found news that KeepassXC receives positive audit from independent security consultant. Very rare to happen in pass manager apps..

I got this news from Linux Magazine first as I remembered, so I think this is credible and best alternative solution for us to use KeepassXC than other (never heard other apps has been audits by independent security firms / consultants like this).

Currently I use Bitwarden on both my phone and my pc, but I'm looking into self hosting it with vaultwarden. This gives you access to premium features (such as TOTP support, for which I currently use Aegis Authenticator). It also gives you full control over your data.

Been using Bitwarden since 2017, I think.

I love it! I did use other password managers, but I ended up retaining Zoho Vault and KeePass. Zoho for work credentials while KeePass for archive and backup purposes.

I use Bitwarden. Used to use Last pass, but that got crappy a while back.

Bitwarden

Password managers are a requirement for me these days. With how many breaches occur daily that we might not even know about you probably want a password that hasn't been reversed or used before. For me I don't know what I'd do without Bitwarden. I previously used LastPass until they added some restrictions and I figured out that Bitwarden was opensource. I don't currently run my own instance of it but easily could, keeping my passwords off other peoples computers.

Lots of love for Bitwarden in this thread; I’d also like to pitch in with 1Password. It’s got a great UX and I even got my mom on board.

Used to use Lastpass since ~2013; really glad I switched last year. Lastpass has turned to absolute shit.

Been using KeePass for years since I couldn't keep track of every single random passphrase I have. And yes, I recommend it highly.

KeepassXC on desktop with browser plugin, KeePassDX on android I find it less confusing to use than Keepass2Android.

It is only a bit difficult to setup sync, but you can use syncthing, or drive and it works nicely.

As others have said, bitwarden. I've also heard good things about roboform.

I really love that bitwarden is not only open source but has been professionally code reviewed, and can be self hosted if you've got the knowledge to do so.

Of course, if you're self hosting it make sure you have a solid backup strategy for your vault.

I think the best quote on PW Managers was "Password Managers are the vegetables of the internet. We all know they're good for us, but a lot of people are still content with the equivalent of password junk food".

Password managers are great, and the time i have to spend unlocking Bitwarden to autofill my password, is about the same time that it would take me to type out a password on my own. AND my passwords are exponentially more secure!

I use Firefox's built in password manager because its crossplatform and I can use it on all my devices.

My goto is KeePass. Does everything I need. I like the use of hotkeys and the ability to have complete control over how the autotype works. Plus if you have a fingerprint scanner (phone or laptop or something) you can use autotype with that too. And the program is completely free.

You should really use a password manager so you always have a secure and different password for each site

I recommend KeePass if you want to save your password locally

Or if you want something cloud based then I recommend Bitwarden You can even host your own instance

Keepassxc for storage/backup and then I let the browser save the passwords I use. I like this setup.

Been using the keepass format with varying applications for about 14 years. I used to host it in SVN repo for that sweet sweet cloud access! Not that smart im retrospec.. I feel like you shouldnt trust your passwords to the cloud, especially if their thing is password management. Last pass for example is under constant battery from attackers.

1Password since forever. Can’t imagine having to type passwords or remember them.

I prefer a password with pronounceable content of nonsense words, separated by dashes, with some numbers and symbols in there somewhere. Such as: tostog-Meenish-flurbit-dalsag-3023# . It's long enough to be very secure, and easy to transcribe if I have to type it. None of the words are in a dictionary. I keep a big list in a note on my desktop, and peel'em off as needed, finally keeping the utilized PWs in Enpass.

KeePass is the perfect tool for me ! The cybersecurity practice at work also use it,