this post was submitted on 11 Jul 2023
366 points (97.9% liked)

Asklemmy

43753 readers
1275 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I'm done dealing with passwords.

What password manager do you recommend?

Features I’m looking for

-Open Source

-Can be synced to cloud (I don’t want self host)

-Can be accessed via a browser

-Cross platform, the more platforms, the better

-End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics

-Autofill for browser and apps

-Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)

-Can export the passwords to a file

I never used a password manager before so sorry if I seem like a noob.

I know I could google it, but I want the lastest info, not some outdated reddit post.

Edit: Woah, those replies are fast. I think I'll use Bitwarden. Thanks for recommendations! Now I don't need to worry about forgetting passwords anymore. πŸ˜„

Edit 2: It seems I've forgotten my email password as well as a few other accounts I haven't logged into for a while. Damn, should've used a password manager earlier.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 202 points 1 year ago (10 children)

I'll say maybe Bitwarden checks all of that.

[–] [email protected] 27 points 1 year ago (1 children)

I love Bitwarden! The $10/yr subscription is totally worth it too.

[–] [email protected] 10 points 1 year ago* (last edited 1 year ago) (10 children)

Can someone sell me on the subscription? I don't mind paying for it because that's really cheap but I don't really understand what exactly it offers. I've been using the free version of Bitwarden for years now.

load more comments (10 replies)
[–] [email protected] 11 points 1 year ago (2 children)

Agreed, I've been using it for about 6 years after moving from iOS to Android and its great, fits all the points required by OP.

load more comments (2 replies)
load more comments (8 replies)
[–] [email protected] 89 points 1 year ago

Bitwarden is a no brainer. It offers ALL the features that an average user needs in its free plan (which imo all other password managers don't.)

Its also a privacy friendly service which has passed multiple security audits from external entities

[–] [email protected] 81 points 1 year ago (3 children)
[–] [email protected] 12 points 1 year ago

This.

Bitwarden.

All day; everyday.

load more comments (2 replies)
[–] [email protected] 76 points 1 year ago
[–] [email protected] 69 points 1 year ago (2 children)

You've just described bitwarden.

[–] [email protected] 24 points 1 year ago

Bitwarden 100%

[–] [email protected] 10 points 1 year ago

I use the managed version of Bitwarden and I like it a lot compared to others.

[–] [email protected] 61 points 1 year ago (5 children)

Bitwarden checks all the boxes. I've had great experience with it. https://bitwarden.com/

I will say, auto-fill on load is a bad idea. On desktop I keep my auto-fill bound to a key so it doesn't actually end up in fields it shouldn't be.

2FA is locked behind the $10/year premium if that's something you wanted, but beyond that the free plan has everything 99% of people will use. They do third party security audits, have public white papers, and is completely open source.

[–] [email protected] 13 points 1 year ago (3 children)

Email and TOTP 2FA options are available in the free version, YubiKey, FIDO2 and Duo options are only available in the 10$/year premium option.

[–] [email protected] 15 points 1 year ago

I'm sure they meant TOTP 2FA for the accounts saved in Bitwarden, not for the Bitwarden login itself.

load more comments (2 replies)
load more comments (4 replies)
[–] [email protected] 58 points 1 year ago

Yet another vote for Bitwarden. I love that you can access your stuff through a browser without installing anything, I need that sometimes on my work pc where I cannot install anything.

[–] [email protected] 57 points 1 year ago (3 children)

Bitwarden, hands down. been using them for like 7 years now? have got nearly 300 accounts in the password manager, and is fully free. Haven't paid a single penny to them. Autofill is possible, on both android and web browser, although you'll have to set it up through an extension. Fully cross-platform. Used it on Linux, windows, MacOS, IOS, iPadOS, Android. you can access it via a browser, is open source and is hosted by Bitwarden if you want to.

it ticks all your requirements!

[–] [email protected] 12 points 1 year ago

Bitwarden is great. If OP wants they can self host it via Vaultwarden which I’m using. It works perfectly.

load more comments (2 replies)
[–] [email protected] 56 points 1 year ago* (last edited 1 year ago) (1 children)

*Sees post. Guess I should make sure someone has said Bitwarden.

*Checks comments. Hmm, Bitwarden, Bitwarden, another Bitwarden.

*Good. I don’t need to reply.

[–] [email protected] 19 points 1 year ago

*Replys anyway

Bitwarden ftw!

[–] [email protected] 45 points 1 year ago (17 children)

I'd say https://keepassxc.org/ covers all of your needs except the "Can be accessed via a browser" (Autofill works fine with a browser plugin)

[–] [email protected] 20 points 1 year ago* (last edited 1 year ago) (1 children)

KeepassXC with a browser plugin on the desktop and Keepass2Android on the smartphone. The password files are synced over my self-hosted Nextcloud and backed up to OneDrive. I couldn't be happier with this setup.

load more comments (1 replies)
[–] [email protected] 11 points 1 year ago

Happy KeepassXC User reporting and there actually is a browser plugin that works flawlessly.

load more comments (15 replies)
[–] [email protected] 39 points 1 year ago

One more point on Bitwarden - when the top password managers were being hacked/exploited, Bitwarden was keen to fix what appeared to be vulnerabilities in an extremely timely manner. I don't remember where I read the article but it still fared best out of all the other managers out there.

It may have been ars technica, I don't remember.

[–] [email protected] 37 points 1 year ago (3 children)

Bitwarden, bonus points if you self host it. I use the Vaultwarden variation.

load more comments (3 replies)
[–] [email protected] 35 points 1 year ago (4 children)

Guess I'm gonna have to give bitwarden a go, I've used LastPass for years but their quality of service and value for money has plummeted.

[–] [email protected] 10 points 1 year ago (3 children)

I used LastPass up until they re-started charging for multiple devices. I was happy to pay LastPass back in like 2013 when they used to charge for multiple devices, but when they decided to bring that charge back in 2022 (or whatever year it was) they were charging an obscenely high amount for it, and frankly the UX wasn't good enough to justify that price. On Android, more often than not I was having to go into the app to copy/paste it, because the native integration just wasn't working.

With Bitwarden I'm back to free, and it works so much better anyway. I never looked back.

load more comments (3 replies)
load more comments (3 replies)
[–] [email protected] 34 points 1 year ago

+1 for Bitwarden

[–] [email protected] 31 points 1 year ago (4 children)

KeepassXC on PC KeepassDX on android Nextcloud for sync

load more comments (4 replies)
[–] [email protected] 31 points 1 year ago (7 children)

Non self-hosted: Bitwarden

Self-hosted: Keepass

Both are open-souce, multi-platform, and free. Bitwarden does have additional paid tiers to include support for things like OTPs. I used to use Keepass but got tired of manually syncing my database; If that's not a problem for you then it's a great choice.

load more comments (7 replies)
[–] [email protected] 29 points 1 year ago (1 children)

Keepass is

  • open source and free
  • just uses a file, so you can sync it wherever/however you want
  • has a browser plugin with autofill if you're into that
  • is supported on all platforms
  • database lives in an encrypted file that you put wherever you choose
[–] [email protected] 14 points 1 year ago

For syncing I use Syncthing. It's open-source as well and syncs two/multiple devices without the need for cloud-storage

[–] [email protected] 28 points 1 year ago (10 children)
[–] [email protected] 10 points 1 year ago (5 children)

+1 for Bitwarden here. One day I will go down the self-hosted route.

load more comments (5 replies)
load more comments (9 replies)
[–] [email protected] 28 points 1 year ago

I use keepassxc, works well for me.

[–] [email protected] 27 points 1 year ago (4 children)

Another vote for Bitwarden just in case anyone needed one more comment to get them to use it.

load more comments (4 replies)
[–] [email protected] 25 points 1 year ago

Bitwarden is the exact app you just described. I use it. It's great.

[–] [email protected] 23 points 1 year ago (2 children)

I don't want to self host

IMO Keepass is not for you then. Bitwarden all day

load more comments (2 replies)
[–] [email protected] 22 points 1 year ago (1 children)

Plus one for BitWarden for a great low price/free option that’s open source.

1Password if you have a few extra bucks to spend. I find the look and feel to be worth the money despite not being open source.

load more comments (1 replies)
[–] [email protected] 22 points 1 year ago

One vote for BitWarden.

[–] [email protected] 19 points 1 year ago* (last edited 1 year ago)

KeePass all day. Completely open sourced and free.

I use

KeePassium on iOS

KeePassiumXC on desktop

Keepass2Android (no net) on Android.

All synced via Nextcloud but you can sync via sync thing as well if you don’t want to self cloud host.

[–] [email protected] 17 points 1 year ago

I've been using KeePass since the dawn of time. There are now other good options too, but I haven't seen any compelling reason to switch. It does everything I need both securely and well.

[–] [email protected] 15 points 1 year ago (5 children)

Last year I tried (and paid) 1Password.
For the past 6 months I'm using Bitwarden and it's really good. I find 1Password's UI better but if we consider the cost it's better to stay with Bitwarden.

load more comments (5 replies)
[–] [email protected] 14 points 1 year ago

A selfhost option: Bitwarden frontend with Vaultwarden backend.

[–] [email protected] 14 points 1 year ago (4 children)

Bitwarden, Psono, Proton Pass. 1Password is not open source but they’re amazing too and most secure because of a layer of protection

load more comments (4 replies)
[–] [email protected] 13 points 1 year ago

KeePass for me synced to whatever cloud you want. I use DropBox and the Android client has an option for that to save you work

[–] [email protected] 12 points 1 year ago

After 2 years of ignoring the fact that I use a duplicate password in over 100 places, and that password has officially been in breaches, I finally came to terms with the fact that it was time to find a password manager and generate unique passwords. I didn't do a ton of research and ended up with bitwarden. If I opened this thread to see a bunch of people ragging on bitwarden I was prepared to be VERY upset.

[–] [email protected] 12 points 1 year ago (9 children)

I tried bitwarden and others and finally just settled on the firefox password manager. It does everything I need.

load more comments (9 replies)
[–] [email protected] 11 points 1 year ago

+1 for bitwarden. If you want full control you can even host your own server. Easyish to setup at Bitwarden Docker Setup

[–] [email protected] 10 points 1 year ago

It’s been a long time since I switched to 1Password, but I used to use keepass. I’m not sure whether keepass has a browser extension, but otherwise (if I recall) it checks your other boxes.

1Password is great, even though it’s not open source, and you get to a spot in life where $3/mo is feasible.

load more comments
view more: next β€Ί