Password Managers

I am sick of remembering the passwords of my digital accounts. Is there a good password manager which I can carry with me easily and which has all the tech of safe housekeeping? What should I expect from a password manager from a security point of view?

or

What does it take to create our own password manager?

1 Like

I started using Keepass about 2 years ago. It’s free, but I couldn’t find a way to cloud sync the database that I liked.

I started using LastPass a while ago and like it. It’s a couple bucks a month, or there is a free option. If you want hardware 2FA, I think the premium service is required.

5 Likes

Odd, I’ve sync’d it every which way without issues (Drive, DropBox, Box, SpiderOak, etc).

I use KeePass and have been for the past 10+ years. It’s awesome.

LastPass is useful, but I’ve had problems with it in the past though nothing truly deal killing.

2 Likes

https://bitwarden.com/

1 Like

:wink:

It worked, just didn’t like the process.

1 Like

I use LastPass. I DON’T use the auto fill or auto login feature for sites after it did something weird to a login one time that took a while to fix. I’m pretty sure it was user error on my part, but it was all too easy a mistake to make, so I don’t use it.

But for just simple storage of data that I look up and sometimes copy/paste, it’s very handy.

And I like that my husband and I can use it as central common storage that can be accessed from any computer or phone once LastPass is installed.

2 Likes

Also if you want a free month of LastPass premium any of us here with it can send you a link for a free month.

Damn, I should’ve done this so I got the free months… :wink:

1 Like

By all means go for it. I have a discounted year prepaid, so I’m good till next August.

Keepass user here. …

Which plan do you use?

One word: Don’t!

Creating one from scratch is the worst thing to do unless you’re a cypherpunk or understand cryptography and secure programming. There’s already tons of them out there with the better ones being:

  • lastpass
  • onepass
  • pass(1) the POSIX password manager

I do mine the old-fashioned way. Write them down with a date. I change my passwords too often. Phone & iPad lock every 90 days, not by choice either. I have actually erased my phone a couple times because I forgot my password.

:grinning: I do it similarly but keep my passwords in my emails (send emails to myself). I don’t have to date them, as whenever I change the password I reply to the same email.

+1 for KeePass. It’s free and with a little work you can sync to almost any cloud. There are apps available for Android that allow you to access your kdbx file on the go as well. I believe LastPass has been hacked multiple times. Google “LastPass Hack” and you should find a few articles over the years of various hacks and security vulnerabilities. Not to say that KeePass is bulletproof, but… yeah.

Awesome, I was about to ask the question on the portability of the kdbx file.

BTW, why isn’t there an iOS app?

There are. I just don’t use iOS so I wasn’t sure off the top of my head. Regardless, a quick Google search shows some options. Here’s the official site with all your options. https://keepass.info/download.html. Looks like there are even some for Windows Phone, BlackBerry, and Palm OS lol.

Free. Probably upgrade in the next two months for the extra storage and two-step login.

Why we stopped using LastPass…
https://www.google.com/search?q=lastpass+compromised

First off, they did have a few breaches on the website, with full disclosure of the events and no data compromise. That’s because the encryption happens within the local client and the key stays with the device that encrypted the secret (i.e. the PC or optionally dedicated hardware like a YubiKey). Plus on top of that they encrypt the input, storage, at rest, and tunnel. All one needs to do to really be even extra safe is set up two-factor authentication and one-time passwords.

The closest thing to that level of security is setting up a full local PKI in an air gap network, using securecard to store the GPG signing key, and locking everything in an offsite vault.