BrikoX
48
2Y

Neither is better as they offer different things. Both are audited by third parties.

I use Bitwarden and recommended it to all my friends and family. It’s e2ee and you can have them on all your devices, it has autofill, password generators, and username generators. It’s pretty neat.

I also have some friends who use keepassxc. There are mobile clients out there for it as well but it’s meant as a completely offline password storage.

m3adow
22Y

Keepass files can be synced via Cloud Storage. I keep mine in my Nextcloud account.

Dark Arc
42Y

I use Bitwarden for passwords, but I think Proton Pass is an honorable mention. It’s possibly more secure, but still new.

BrikoX
42Y

Bitwarden just added support for Argon2id which makes brute forcing (which is impossible at the moment) even harder compared to PBKDF2.

Nailbar
62Y

Harder than impossible. Now that’s a feature!

BrikoX
82Y

Harder in a sense that it costs even more resources per try, but current tech is not capable of brute forcing either.
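
What "more resources per try" means for a memory-hard KDF, as an added example that is not part of the thread. Python's standard library has no Argon2id, so scrypt stands in as the memory-hard function; the password, salt and cost parameters are constructed for illustration and are not Bitwarden's settings.

```python
import hashlib

# Constructed sample inputs, not real credentials or Bitwarden's settings.
PASSWORD = b"correct horse battery staple"
SALT = b"constructed-salt"
MIB = 1024 * 1024

# Assumed cost parameters, chosen only for illustration.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def pbkdf2_key(password: bytes, salt: bytes, iterations: int = 600_000) -> bytes:
    """PBKDF2-HMAC-SHA256: cost per guess is CPU time only (iterations).

    The working state is a few hash blocks, so many guesses can run side
    by side on GPU-style hardware.
    """
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)


def scrypt_memory_bytes(n: int, r: int) -> int:
    """Size of scrypt's main buffer: 128 * N * r bytes per guess."""
    return 128 * n * r


def memory_hard_key(password: bytes, salt: bytes, maxmem: int = 64 * MIB) -> bytes:
    """scrypt as the stand-in memory-hard KDF; maxmem caps the RAM it may use."""
    return hashlib.scrypt(password, salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                          p=SCRYPT_P, maxmem=maxmem, dklen=32)


def guess_fits_in(maxmem: int) -> bool:
    """True if a single guess can be computed within maxmem bytes of RAM."""
    try:
        memory_hard_key(PASSWORD, SALT, maxmem=maxmem)
        return True
    except ValueError:  # OpenSSL refuses: not enough memory for these parameters
        return False


if __name__ == "__main__":
    print("RAM per guess:", scrypt_memory_bytes(SCRYPT_N, SCRYPT_R) // MIB, "MiB")
    print("fits in 64 MiB:", guess_fits_in(64 * MIB))
    print("fits in 1 MiB:", guess_fits_in(1 * MIB))
```

Each guess has to hold the full buffer in RAM, which is what limits how many guesses run in parallel; Argon2id exposes the same idea through its memory cost parameter.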

1000% Bitwarden. LastPass gets breached too often and has bait-and-switched users that were using the free version. Jump ship if you’re using them, export them and import into Bitwarden.

deleted by creator

BrikoX
62Y

Mostly business customers https://bitwarden.com/products/business/

I pay for premium and it’s nice to be able to use TOTP.

It’s a freemium model.

There is a feature limited free version. Then a full featured version people pay for.

In this case, there’s also a business version with per-user billing.

@[email protected]
5
2Y

KeePassXC

Why specifically KeePassXC instead of KeePass?

Less support for KP on Linux. Needs Mono to run. More importantly, AFAIK, it won’t interface with a browser extension (on Linux). So KP is more Windows oriented.

BrikoX
32Y

Lack of 3rd party audit. Only KeePass 1.x was audited independently.

Keepass

Vaggumon
-42Y

Not using one. Anything and everything that is connected to the internet in any way what-so-ever has at the very least some level of insecurity and vulnerability.

I’m sorry, what? By that logic why even have passwords at all!

@[email protected]
creator
22Y

I used to think like this, but having multiple different accounts with multiple different passwords on different sites is tiring. Just this week I forgot my password on 3 different sites, and apparently I had already changed the password for 1 of those sites last week. Now I second-guess myself every time I try to log in to a site.

Mewtwo
32Y

Why should I use bitwarden instead of Google’s password manager?

@[email protected]
creator
42Y

I use Google password for my not-so-important accounts (shitpost accounts or burnable ones). Thing to remember: Google is an advertisement company.

deleted by creator

Something to keep in mind is that security isn’t just about preventing attackers from accessing it. If that was the only criteria, then the most secure thing would be a flash drive buried in concrete.

Security is also about accessibility.

To that point, I believe the best password manager is subjective. That being said, I’m going to throw out a recommendation for 1Password. If you use it right, it balances security with convenience really well.

I have been using 1Password for a few years now, coming from LastPass before the whole bait-and-switch thing they did. I love 1Password, but I am curious how it stacks up to BitWarden since everyone in this thread keeps mentioning them.

scytale
32Y

Keepass. Bitwarden for more convenience.

@[email protected]
3
2Y

KeepassXC unless you need to share passwords, then Bitwarden but you have to figure out hosting or pay for it. I have been using Keepass for like 20 years. In the last 4-5 years, I use KeepassXC and it gets synced to other devices with syncthing.

Bitwarden has a free tier on their service where you can share passwords with a single person. It’s not much in that regard but it’s all some people need.

I like the idea of a locally stored and locally encrypted password manager because when your passwords are on somebody else’s server with 10s of thousands of other people, that server becomes an attractive target for hacks. Who would bother hacking my computer just for one set of passwords?

But with something hosted, they do (probably, do your research) have professional security experts working to protect their database.

I like them being locally encrypted, but them being not (exclusively) locally stored is very important if you want to keep using those accounts after your hard drive fails.

Bitwarden with YubiKey

Charcoal8645
12Y

Use bitwarden but never heard of YubiKey. Quick search on google gave me nothing. What is it?

https://www.yubico.com/

I use it as my 2nd factor authentication.

google keep but dont label ur passwords so the hackers cant use them (and neither can u)

Depends on your definition of secure.

A pen and paper can’t be hacked

@[email protected]
English
22Y

Just thinking out loud. If your paper record is actually QR codes, then you could scan them into your device as you need them. So you wouldn’t have to type some long, complicated sequence by hand.

KeepassXC should be secure enough, you can even use a hardware key.

But make sure to use version 2.54 or newer.

The most secure thing to do would be to host your own server. You can do this with Bitwarden. Remember though that if you lose your server, you lose your passwords. You can also just use Bitwarden and their cloud service. It’s free and open source.

@[email protected]
creator
12Y

I can’t really host my own server right now (maybe later when I have my own place), and after a bit of research Bitwarden is the best free option, but somehow it has a 3.4-ish rating in my region.

Panja
182Y

The most secure thing to do would be to host your own server.

That is assuming that you believe you are more secure than say Bitwarden the company, especially if you are hosting publicly.

Availability is really important too when literally all your passwords are in there

Or use something like KeePassXC that uses a database file, no internet required (other than downloading software).
