Android

I personally moved to Bitwarden from 1Password due to the cost, and I believe for an average user, Bitwarden is definitely the way to go as it is very value-friendly (at $10 USD/year), and it is open-sourced unlike many other proprietary password managers. 1Password may get more features, however it being $3.99 USD/month, many users don't need the extra security features and I strongly believe that common sense is the best security for any user.

I use pen and paper... yup.

I use Bitwarden with some trepidation. I keep hoping that eventually Proton Pass morphs into something that seems even more secure but right now it's pretty basic.

Is it bad that I just love built-in Chrome/Google auto-fill manager? Is this not safe? Autosync to Android does it for me + the fact that i can auto-generate and save/fill passwords seamlessly without having to switch between apps

My mom would use the same password for everything or she would mix it up a little tiny bit.

Her passwords were like.

Rainbow2002! rainbow2003 RAINBOW!!!

It was a different word from rainbow, but that's just an example.

I got her using two factor with Google with a really good password and she's using the built-in Google password manager. Now all of her passwords are 20+ random strings instead of a single word with different numbers at the end.

I think that's a much better system than what she was using before.

KeePass. Putting your passwords on someone else's webserver is just asking for trouble.

1Password for years, never had any issues.

I used to use Bitwarden and it's a great App but you need to export your saved password list frequently somewhere safe just in case.

I now use Safe In Cloud, the backup can be restored from their servers.

Afaik, the backups encrypted and Safe In Cloud have no access anyway, check out the Playstore reviews for more details.

https://play.google.com/store/apps/details?id=com.safeincloud.free

I'm not going to say whether it's the best or not because I have not compared, but I have used Keepass2Android for years which seemlessly integrates with my cloud storage and key files (stored offline), has useful randomized password generation, and is overall unobtrusive

Bitwarden, open-source, free, and awesome!!!!!

Used last pass for years until they decided no account sync for free users now I use bitwarden which I find is fantastic.

I just completed a study of Enterprise password management and move my company from LastPass to BitWarden.

1password was a close second.

Definitely recommend using one. Don't have a preference for any particular one, I use Google's for simplicity sake. But unless you have a complicated system that allows you to have different passwords for every online service (or maybe if you have a great memory) it's simply more secure to use a password manager. Most sites have emails as logins, and if you reuse the same email/password combination you're just asking for trouble for when one day one of those sites get hacked, your password is sold, and someone spams your combo across all popular services and somehow ends up in your bank.

Loved bitwarden but switched to 1Password recently because their UI is so much nicer. ik, weird reason.

also because it was free with GitHub Student.

It’s 1Password for me. Looks good, works good and is available for every platform that I use.

For work I use KeepasXC and Bitwarden+Vaultwarden as well.

Have been using 1password for about 5 years now and have not have a single problem. I really like the integration with browsers and the iOS app. I am keen on testing protons though since I use the VPN and email.

Perhaps a bit more technically involved for some tastes, but here's my setup –

I've used pass for the past few years, a command line based password manager that stores GPG encrypted passwords as text files in a git repository. I use it for more than passwords, so it's more like a passwords-and-other-sensitive-secrets manager.

There's no defined structure, that is left to the user to figure out, but the basic command to get a password and copy it to the clipboard simply grabs the first line of the file, which is where I insert the actual password. There's other info in there too, usernames, challenge questions, etc.

I push the git repo to gitlab, transported via ssh. On my phone, I use a client for Android called Android Password Store, which pulls from the git repository and has an easy interface for adding, editing, and accessing the passwords.

It costs nothing, stays backed up, and works pretty well for my purposes. Despite that, I was looking around to see if KeePass would be a better solution for me in any way, and found this cool thing, passhole, which provides KeePass with a CLI interface similar to that of pass, which is a big part of my attraction to it.

Started with LastPass many years ago - but has changed to 1Password just last week.

Bitwarden and Dashlane were close contenders, but I found that 1Password's sharing feature was better in my usage scenarios.

Bitwarden is great and I don't know how I could live without it anymore.

Yes, 100%... In fact, I often do recommend it to others. Personally I use Bitwarden (paid account even) but I've also recommended 1pass to apple only users because it fits well in that ecosystem.

You can use them to generate a different password for each and every login. And it's really just random letters, number and special characters. That one site gets compromised? They can't then use those credentials to login anywhere else.

You don't have to remember those passwords. Passwords that are easy to remember are probably found in dictionary attacks. You know what's not? Wt2Pwi#$a@Nzeq7*8UwSJ7sTsMKdC!HSGZZ7JnzCtxhfCfFCiXP&FD!yM!c^$DisSR@2 (which I just generated with bitwarden)

2-factor auth is also really easy with most password managers and makes logging in with 2-factor auth easy. I hit one hotkey to fill in the web form with my username/password, hit enter to login and then it auto-copies my TOTP code so I can just paste it and go. Super secure but super easy.

You go to a phishing site? Guess what, a good password manager will store the url and if it doesn't match, that should be your first red flag. If I end up at g00gle.com instead of google.com, it won't show as having a login available.

I've used Dashlane for a few years now and I can't say there are any issues with it at all.
I used to just use a list stored in Google Keep, "encrypted" in such a way that only I knew what the passwords were. That got really old.

it is has become so much easier to manage my password after I started to use bitwarden it is just convenient

Using a sheet of paper right now, am in the process of switching to a self-written password manager. It uses Vigenere encryption using a key that is not saved anywhere (that I have to remember) and saves to a .dat file. Should I use my own tool or a service?

Keepass + Syncthing awesome combination

i am happy since years with 1password

I use keepass 2 with a self hosted nas for the main flle .

Does a sheet of paper count as a password manager?

1password family user here. I cringe nowadays when people still try to remember their passwords and accounts and say they have a "good" system. It's a necessity nowadays. Sounds like the consensus favorite around here is Bitwarden. Anyone wanna tell why they prefer it over 1password? Is it because it's self-hostable?

I don't use them. I see this as a putting all eggs in one basket strategy, if my master password was lost, hacked, hosting company shutdown, or for whatever reason refuse to do business with me, my entire life would be screwed.

Instead I use long passwords made of words, and for each site it will be a few letters off. They're easy for humans to remember because how similar they are, but due how hash works they are equivalent to unique passwords to hackers.