What is a really smart choice for password manager apps? Concerned about privacy and politically involved CEOs.

I’ve used:

  • LastPass
  • 1Password
  • ProtonPass (Now using)

I thought ProtonPass was a good choice but I’m starting to read more about it. What’s just a really solid choice all around, that you can feel good about? Free or paid.

Update: I decided to go with Bitwarden and Bitwarden Authenticator. The features and the experience are better than the three listed above that I’ve used before. Awesome advice here, thanks everyone.

  • Gayhitler@lemmy.mlEnglish
    36·
    5 days ago

    Bitwarden.

    You know if you need more than that and if you’re asking on lemmy you don’t need more than that.

      • Gayhitler@lemmy.mlEnglish
        131·
        5 days ago

        I would recommend people not do that unless they know they need to and again, if you know you need to you’re not asking on lemmy.

        Hosting your own secrets not only puts the burden of protecting, providing access to and preserving the secrets entirely on you, but puts a very unique set of hosting goals squarely on you as well.

        Even a skilled administrator with significant resources at hand would often be better served by simply using bitwarden instead of hosting vaultwarden.

        An example I used in another thread about password managers was a disaster. When your local server is inoperable or destroyed and general local network failure makes your cloud accessible backup unreachable, can you access your secrets safely from a public computer at the fire department, church or refugee center?

        Bitwarden works well from public computers and there’s a whole guide for doing it as safely as possible on their website.

      • trouble@lemm.ee
        13·
        6 days ago

        I’m happy with Bitwarden, the iPhone app and windows software / Firefox extension all work seamlessly and easily

    • hedgehog@ttrpg.network
      18·
      6 days ago

      You can self-host Bitwarden, too. My understanding is that VaultWarden is much simpler to self-host, though. Note that VaultWarden isn’t a “fork”; it’s a compatible rewrite in Rust (Bitwarden’s codebase, by contrast, is primarily C#).

      I also use Bitwarden and strongly prefer it over every other password manager I’ve tried or investigated, for what that’s worth. I’d recommend it to 99% of non-enterprise users (it’s probably great for enterprise use as well, TBF).

      The only use case I wouldn’t recommend it for is when you don’t want your passwords stored in the cloud, in which case KeePass is the way to go. To be clear, that recommendation does not apply if you’re syncing your vault with a cloud storage provider - even one you’re hosting, like SyncThing - even if your vault is encrypted. At that point just use Bitwarden or VaultWarden, because they’re at least audited with your use case in mind (Vaultwarden has only been audited once afaik, though).

    • foiledAgain@lemmy.worldEnglish
      4·
      6 days ago

      Bitwarden paid version also lets you set emergency access for others in the case of your death or inability to access

  • Scrath@lemmy.dbzer0.com
    581·
    6 days ago

    I use KeepassXC which is free and open-source. The passwords are stored as an encrypted file on your own system. No servers or businesses involved.

    Personally I put mine in onedrive so it is synced between all of my devices though, so I guess there is still a server involved in that case

  • Lettuce eat lettuce@lemmy.ml
    5·
    4 days ago

    Been a Bitwarden user for several years now, both personal and deployed at multiple small businesses.

    It has been fantastic the whole time. Pricing is great, open source, runs on basically everything, and easy to use.

    KeypassXC if you’re uber-paranoid or a hardcore Stallmanite, otherwise, Bitwarden all day 100%

    • Lad@reddthat.com
      9·
      5 days ago

      It’s so much better since they updated the (IMO) ugly, dated UI design. It looks nice and fresh now. Bitwarden is the MVP.

  • NutWrench@lemmy.mlEnglish
    161·
    5 days ago

    I recommend Keepass. It’s freeware, is available on all platforms and supports biometrics (fingerprints, etc) on Android devices. It also encrypts the password file on your device, so you can keep a copy of that file on a cloud service without worrying if that service really respects your privacy or not.

    • Whooping_Seal@sh.itjust.worksEnglish
      3·
      5 days ago

      This is perhaps overkill, but you can also encrypt the contents of your online cloud storage with CryFS / Cryptomater. This is particularly useful if you wish to store sensitive documents (healthcare, finances etc) in a cloud environment in case of catastrophic destruction of property (destroying computers / on site backups of data).

      In this case you can also backup your keepass file in this encrypted virtual storage medium, on top of the prexisting encryption of the database itself.

  • Churbleyimyam@lemm.ee
    241·
    6 days ago

    Use KeepassXC with Syncthing for maximum autonomy or Bitwarden for maximum ease. Both are FOSS. That’s my recommendation and also seems to be the consensus among those who share your needs.

      • electric_nan@lemmy.ml
        2·
        5 days ago

        I use Nextcloud, which always works well for me. I don’t use Dropbox or Gdrive or OneDrive, but they should work too. What have you been using?

      • JillyB@beehaw.org
        1·
        5 days ago

        Probably not ideal but I use Google drive for synching and it worked fine. The database is encrypted so, at worst, Google knows I have a password manager.