I use Firefox's built in password manager because its crossplatform and I can use it on all my devices.

KeePass is the perfect tool for me ! The cybersecurity practice at work also use it,

Using different passwords for different services protects you against data leaks opening attack vectors for all your services as well as malicious actors using your passwords like that as well as phishing impact.

A password manager is a must for reasonable security.

I use keepass. Local DB file with Master password. No hosted service or Browser extension is another layer of protection, of risk reduction. I manually copy/sync the DB file via cloud storage as a backup and for mobile use.

I use Browser password storage selectively. The most critical stuff definitely only belongs into my memory and password database.

Yes. I’m in the free KeePass ecosystem. Self hosted via iCloud and backed up to Proton Drive.

KeePass2Android no net on my Android.

Keepassium on my iPhone.

And KeepassDX on my desktop.

1Password family account for my partner and I. Super handy to have a shared vault for household things.

1Password since forever. Can’t imagine having to type passwords or remember them.

So many answers for Bitwarden but I too will agree. It's my go-to ever since I've found out about it, I don't know any of my passwords apart from my Bitwarden vault master password tbh.

I also use Bitwarden. I would recommend it to anyone who can benefit from a cloud-based password manager because the basic functionality is free and the more advanced features (premium, family) are very affordable.

Using Bitwarden safely will make your digital life safer, but it will most likely be more complicated than it is now. You will need to:

• Use a randomly generated password for the master password, which is unintuitive but increases your safety
• Enable two-factor authentication (2FA) for all of your accounts that offer it.
• Make an encrypted backup of your Bitwarden vault.
• Create an emergency sheet with your master password, 2FA recovery key, and other important information.
• Plan for what will happen to your passwords if you become sick or die.

You can think about increasing your safety/convenience step by step by keeping a book of password (which can be lost, so has to be kept secure and probably make backup) with

1. Random password/passphrase generator
2. Yubikey + recovery numbers
3. Drop the book, use an offline password manager (which some consider safer)
4. Switch to cloud-based cross-platform password manager, which maximizes convenience

My goto is KeePass. Does everything I need. I like the use of hotkeys and the ability to have complete control over how the autotype works. Plus if you have a fingerprint scanner (phone or laptop or something) you can use autotype with that too. And the program is completely free.

Been using the keepass format with varying applications for about 14 years. I used to host it in SVN repo for that sweet sweet cloud access! Not that smart im retrospec.. I feel like you shouldnt trust your passwords to the cloud, especially if their thing is password management. Last pass for example is under constant battery from attackers.

Yes, and Bitwarden. Strong master password, with 2FA, and randomly generated passwords for the rest. For deeply personal apps such as banking I do have another localized system though. I moved on from LastPass and never looked back.

I’d say they’re pretty much necessary so you can have unique, complex passwords.

I’m currently test driving Proton’s new password manager, I’ve been using 1Password for ages.

Started with LastPass, used it for 10 years. Switched to Bitwarden a while ago, would never go back.

After using one for like 8 years I really don't know how people have the time/energy to make up and remember all their own passwords

I used to use BitWarden but switched to 1Password about a year ago once I decided to buy a business account for my department at work (which gives every user a free family account)

1Password is fantastic. It stores more than passwords, it's fine tuned to do that, but really can be used to store anything securely. The dev team uses it to share secure .env variables and API keys for example.

One of the best features though is the ability to share secured links to VIEW passwords outside of your network. When a coworker asks me to share an account password I don't just copy and paste the username and password over email. I click share in 1Password and shoot them a link that only they can view (using email 2fa). I can also make more open links to shared credentials that expire (or until I expire those links myself).

The phone app works great and once you get it set up on one device it's easy to configure it on others.

Started off with Lastpass free tier, then after they limited the free tier to only one device, switched to Bitwarden.

Bitwarden, open-source, free, and awesome!!!!!

Switched to bitwarden last October and couldn't be happier. Was previously just storing everything in chrome/my Google account. Reused the same password on pretty much every website. When I saw a few articless about chrome causing issues with ad blockers I decided to switch to Firefox which meant having to figure out my passwords. Decided that was a great time to figure out a separate password manager. I still occasionally run into websites I don't use often that still have my old password but for the most part everything is switched over and if 2FA is an option I have it set up. Going through my main sites was a drag but I felt so much better afterwards. I was really shocked at how many websites have really low limits on password length. And how some of the accounts I would really really prefer to have 2FA it's not even an option, looking at you banks.

My work actually just switched payroll companies and when creating my account I noticed the password field was 0/127 so of course I bumped up my password generator to 127 and maxed out the password field 😂

I've used LastPass in the past but now I use bitwarden, gets the job done

Use whatever but also use 2fa as well for every important account that you have.

What are my thoughts on a password manager?

I think it’s both a good thing, and a crutch. I feel the fact that most services are rendered unusable without an account is sad, and with the 100’s of accounts one is expected to have a password manager is sadly needed if you can’t memorize a password or can make passwords with a consistent pass phrase.

Do I use one?

Nope, I have a password system which is good enough for most accounts that’s always more than 7 character long and unique for each account without being lost to me. The only time it has failed as when my work decided to have us change our passwords every quarter, and I ran out of password ideas.

https://play.google.com/store/apps/details?id=keepass2android.keepass2android

Been using this for years. Hosted via ssh on my server in a ovh data center. Fingerprint access and every single account with a random password.

I use KeePass (more specifically KeePassXC). I manually copy my password files around like a caveman but I don't mind. At least my kdbx files are not accessible easily.

I use KeePassXC and synchronise it with syncthing. This allows me to keep it off devices I have no control over (OneDrive servers) and also allows me to have per device version history.

I've been a KeePass user for over a decade and it's always been good to me, especially when using Box and OneDrive to sync it between devices. The ecosystem is great with enough plugins and support to make it fit your use case on any modern OS.

Can't recommend it enough. Especially over other options that are offered by a commercial company (LastPass for example). Not only because you're intently placing your trust in them to not expose your data and keep it secure, but also because you're giving them a lot of leverage to turn around and hold your passwords for ransom at some point in the future (when they IPO for instance, as a popular example) or lock you out after they fold for whatever reason.

Bitwarden is great and I don't know how I could live without it anymore.

Have been using 1password for about 5 years now and have not have a single problem. I really like the integration with browsers and the iOS app. I am keen on testing protons though since I use the VPN and email.

Yes, 100%... In fact, I often do recommend it to others. Personally I use Bitwarden (paid account even) but I've also recommended 1pass to apple only users because it fits well in that ecosystem.

You can use them to generate a different password for each and every login. And it's really just random letters, number and special characters. That one site gets compromised? They can't then use those credentials to login anywhere else.

You don't have to remember those passwords. Passwords that are easy to remember are probably found in dictionary attacks. You know what's not? Wt2Pwi#$a@Nzeq7*8UwSJ7sTsMKdC!HSGZZ7JnzCtxhfCfFCiXP&FD!yM!c^$DisSR@2 (which I just generated with bitwarden)

2-factor auth is also really easy with most password managers and makes logging in with 2-factor auth easy. I hit one hotkey to fill in the web form with my username/password, hit enter to login and then it auto-copies my TOTP code so I can just paste it and go. Super secure but super easy.

You go to a phishing site? Guess what, a good password manager will store the url and if it doesn't match, that should be your first red flag. If I end up at g00gle.com instead of google.com, it won't show as having a login available.

1Password for years, never had any issues.

Loved bitwarden but switched to 1Password recently because their UI is so much nicer. ik, weird reason.

also because it was free with GitHub Student.

Well, shit. I don't use a password manager but now I feel like I should lol. Gonna check out bitwarden I guess.

If you are not using a password manager you are doing it wrong.

KeePass. Putting your passwords on someone else's webserver is just asking for trouble.

I've used 1Password for years. Works well on all my devices (MacBook and Samsung Galaxy phone). I'd absolutely recommend you use one.

Not only are they great for handling complex passwords, but a benefit I've not seen mentioned here is that they are a way of just keeping track of just how many sites and accounts you've registered with.

For example - You buy one product once from an online store, save a password so you can monitor the order status but never use that site again. Before I used 1Password I'd just have forgotten I'd even used that site. But now I can just look down my 1password account and see a whole list of all these passwords and accounts ive created. And there's loads. You forget just how many online accounts and passwords you have out there.

I couldn't live without one these days. I personally use Bitwarden. I have tried most of the other manager suggested in this thread. They each their own benefits. I would recommend one of the hosted services for most people (1password, Bitwarden, not LastPass). I came to prefer Bitwarden for their combination of features and openness. I have self hosted it in the past, but these days just use their hosted service.

There are a lot of side benefits to using one besides just remembering your usernames and passwords for you too.

• It lets you use catch-all emails if you have your own email domain
  • allows you to give services their own address to track abuse
  • makes you more resistant to someone taking your leaked credentials from one site and using it for another
  • easier spam filtering
• Most password managers support random password generation
• Saving things that aren't logins
  • Family member's SSNs and DL numbers
  • Credit cards
  • Wifi passwords
  • Gate codes
• Sharing always up to date passwords and other secrets with people (for hosted options)
• 2FA is easier