Password manager?
January 20, 2022 6:10 AM   Subscribe

Hello; Do you use a password manager? If so,which one? I have been googling and there are several out there. I don't mind paying for one,but which one?lol. I would like a simple one. Running Win.11,Chrome on desktop. Thanks for all your input :-)
posted by LOOKING to Computers & Internet (39 answers total) 16 users marked this as a favorite
Bitwarden has changed my life for the simpler.
posted by theweasel at 6:27 AM on January 20 [11 favorites]

I use Bitwarden (free) as well and it has worked fine. it has a site, a browser extension, and an iOS app as well. everything works, and have now slowly begun letting bitwarden generate and store all my passwords.
posted by alchemist at 6:29 AM on January 20 [2 favorites]

Lastpass. I pay for a family plan. Works on Windows, Apple, Android, and with Chrome, Edge, Firefox, etc. There are a lot of good ones out there, none of them are perfect, and there really isn’t a “right” one. Just get one and start using it.
posted by lhauser at 6:29 AM on January 20 [8 favorites]

I've used 1Password for a few years.

Works on all the usual suspects (macOS, iOS, Windows, Android, browser plugins).

I've been happy with it. I use the $2.99USD/mo personal plan.
posted by theorique at 6:30 AM on January 20 [2 favorites]

I used to use LastPass which was fine albeit a bit clunky, closed-source, and has a worryingly-large attack surface.

Then they heavily restricted the free version, so I switched to Bitwarden's free plan. There are a few minor irritations e.g. not always detecting which apps belong to a given website. But on the whole it's great.
posted by Klipspringer at 6:32 AM on January 20 [2 favorites]

Plug for 1Password. It's definitely worth the subscription fee.
posted by Osrinith at 6:48 AM on January 20 [1 favorite]

Does anyone have info about the robustness, for lack of a better word, of these underlying companies?

Ie, how does one know that (1) a given password collector isn't a Russian bot playing a long troll and (2) even if they're genuine, that they have some runway in front of them, so if you make a switch that you don't have to do it again with a new one in 1-2 years?
posted by Reasonably Everything Happens at 6:52 AM on January 20 [3 favorites]

Another vote for Bitwarden.
posted by General Malaise at 6:54 AM on January 20 [1 favorite]

I've been a 1Password user for years and can recommend it.
posted by jdl at 6:56 AM on January 20 [1 favorite]

Open-source - KeePass, with my password file synchronized across devices using Microsoft OneDrive.

On my phone, KyPass.

Personally - I will never trust a password manager that stores my passwords in their cloud - if it is free now, it won't be in the future. If it hasn't been hacked - it is only a matter of time. At least, if my OneDrive/Microsoft Account gets hacked, that is my own direct fault.
posted by rozcakj at 7:05 AM on January 20 [12 favorites]

We've used a family plan for 1Password for many years - solid
posted by leslies at 7:06 AM on January 20 [1 favorite]

I use KeePass for work, where I have files for shared and individual passwords that I use work VPN to back up to the work Windows file share (stored on a server in the office, with encrypted backups elsewhere) on a regular basis. I don't need access to almost any work passwords on mobile devices, so I just read them from KeePass and type them in.

In my personal life, where I keep all my stuff in the cloud anyways, I use BitWarden, but because I am cautious about the risk of browser extensions "leaking"/auto-filling incorrectly, I just use the web vault and the iOS app. If you're new to password storage, BitWarden is definitely simpler than a local-storage-only option like KeePass.

IIRC both of these are open-source and have been audited by third parties.
posted by All Might Be Well at 7:10 AM on January 20 [2 favorites]

I've been using LastPass for about seven years now and have been very happy with it. I've used it across Windows, MacOS, Android, and iOS devices at the same time with no issues.
posted by neushoorn at 7:10 AM on January 20 [2 favorites]

1Password - they've been around forever, they are pretty upfront about their design and defense assumptions and practices and as of this week better funded than almost anyone to the tune of 600+m dollars raised in a C round.

They who get my vote but there are a few good options - the important thing is to *use* one.
posted by iamabot at 7:15 AM on January 20 [1 favorite]

I use Dashlane with a family account. It has a web app, mobile apps, and browser plugins for all popular platforms and browsers. I have it enabled on my iPhone and Chrome browsers for work & home and it syncs between all of them.

I like it because it does a good job of auto-filling forms with username/passwords, credit cards, addresses, and IDs (SSN, Driver's License). You can also create secure notes to track passwords, PIN numbers, etc. for things that Dashlane can't the entry code for my storage unit.

If a website requires additional security questions/answers, you can put those in a notes field with each password. Alas, Dashlane will not auto-fill those security questions.

It also has sharing per password so I can either grant auto-fill or full access to my wife for selected passwords for when we share accounts or she needs to manage my accounts. There's also "in case of death" setup to grant her access to everything if I die.

Finally, it does security reviews - letting you know the age of passwords in accounts, which accounts have weak passwords, or which passwords are being re-used across multiple accounts, and it reports when there have been security breaches on websites that you have accounts so you know to change your password.

Overall I really like it. I switched to it from Lastpass a few years ago, which was not performing well at autofill. 1Password is really popular but IIRC is only for OSX/iOS and not Windows nor Android...maybe that's changed?
posted by jpeacock at 7:19 AM on January 20 [1 favorite]

nth-ing 1Password. It's not the cheapest but it's the best.
posted by JDHarper at 7:22 AM on January 20 [1 favorite]

Another vote for KeePass saved on my Gdrive. Very straightforward and convenient. Been using it for years.
posted by Zumbador at 7:22 AM on January 20 [3 favorites]

For a simple paid cloud app, Bitwarden premium for $10/year.

If you don't want cloud then Keypass with dropbox/GDrive.
posted by WizKid at 7:25 AM on January 20

I use dashlane and I like it, but iambot is right - they're all pretty good and it's best to just pick one.
posted by Ragged Richard at 7:35 AM on January 20

nthing that the best thing to do is pick one. and start using it.

I use LastPass. The prevailing wisdom on LastPass is that it was the best a while back and might have declined a bit since LogMeIn bought it and/or since they hobbled the free tier. Thing is, the engineers on the team have convinced LogMeIn to spin LastPass off as an independent company, with the stated goal of providing enhancements and on an accelerated timeline to better return value to their paying customers. I have a feeling this is going to work out pretty well.

I'll also mention that if you're on the fence about which one to use, but are also considering a VPN, NordVPN will throw in NordPass with some of its VPN plans, so you have an opportunity to two birds/one stone it there.
posted by DirtyOldTown at 7:44 AM on January 20 [3 favorites]

One other tip: when you move to a password manager, plan to spend a whole day on it.

Make your master password hard to guess but easy to remember using a phrase.

Go to positively every site you regularly use and assign fresh passwords and save them.

Go to any/every site you can pay bills/access financials/health care with, even if you rarely/never use them and change/save those passwords, too.

Go into your email and track down every site you've bought something on and change/save those passwords.

Save copies of your insurance cards, vaccination records, etc. Save your login password for your computer in there, too. Make it a one stop shop.
posted by DirtyOldTown at 7:55 AM on January 20 [7 favorites]

I use Lastpass and we pay for a family plan.
posted by OrangeVelour at 7:56 AM on January 20 [1 favorite]

I mainly use keepass, but for unimportant sites I will let firefox generate and store passwords for me.
posted by DarkForest at 8:34 AM on January 20 [1 favorite]

I really like 1Password. When my partner and I moved in together, I added him and we now each get our own private vaults, plus a shared vault for all our bills and subscriptions. It's really slick. Every time one of us sets up something new that we'll both use, we just pop the password into the shared vault and we're in. So easy.
posted by iamkimiam at 8:37 AM on January 20 [1 favorite]

Have used LastPass for years. IOS app is solid. Even the MacOS app which IIRC hasn’t been updated in awhile, works well. I don’t use the browser extension *at all*, i find that alt-tabbing between the app & the browser is easy, and because Autofill just … makes me worry unnecessarily. YMMV.

Their support for hardware tokens for 2FA looks solid.

TBH i recall looking to switch to 1Password when i read that LastPass’ parent company was sold to some Private Equity company, but stood down.
posted by armoir from antproof case at 8:45 AM on January 20

I'm a 1Password user but the new VC investment bothers me. They're going to be adding new stuff to the system to increase revenue and pay back that investment, and probably lose sight of the simplicity that made it popular. I'd expect price increases, too.
posted by JoeZydeco at 8:48 AM on January 20

Another one for Bitwarden after using lastpass until they started to charge for multiple devices. I use it on three OSes and multiple browsers. There is not a huge difference between the two.

At this point in the game I don't know more than 90% of my passwords.
posted by How much is that froggie in the window at 8:51 AM on January 20

I currently use 1Password personally and really like it at the moment, it feels like it fits really seamlessly into my workflow on my iPhone and Mac and Windows laptop. Work uses LastPass and I really hate it--the desktop app is weirdly crippled compared to the web interface and frustrating to use. I, too, get nervous about the amount of VC funding 1Password has taken on, but so far my experience hasn't degraded and I'm hoping the revenue comes from better expanding into B2B features and it won't wreck the consumer side.

I've noticed Dropbox now has a password keeper, and while I've been too satisfied with 1Password so far to consider changing, if you already have a (probably paid, the free plan has a pretty hobbled limits) Dropbox account it might be something worth investigating.
posted by foxfirefey at 9:08 AM on January 20

Does anyone have info about the robustness, for lack of a better word, of these underlying companies?

Good question. I had asked a similar question on a highly technical forum before I signed up for 1Password.

They do have a number of publications about how their product operates, which satisfied me that they weren't a shady front for a crime organization.

posted by theorique at 9:41 AM on January 20 [1 favorite]

I pay for and use LastPass mostly out of inertia these days; while they haven't done anything egregious enough for me to switch, I fully expect it to happen at some point. The software is fine, if somewhat idiosyncratic, but if the way they've been running the product lately is any indication, it feels like they're going to start doing more to exploit lock-in to drive more income. I'd personally look for a different service if I were to start over again.
posted by Aleyn at 9:42 AM on January 20 [1 favorite]

I have used Dashlane for several years and mostly like it BUT they recently removed the “emergency access” function, replacing it instead with something like “make an encrypted backup of your Dashlane data” which is not the same as it doesn’t account for any changes made after that backup was created. I asked them about this since it was one of the functions I needed, and they said they are improving it and will release it again later (no ETA provided). Bitwarden has this feature and if I were starting now I would likely go with Bitwarden. I say this after considering leaving Dashlane and therefore doing a fair amount of research in the last few months.
posted by 2 cats in the yard at 10:00 AM on January 20

I use bitwarden for personal use and am forced to use KeePass for work (security paranoia requires no cloud based password manager) Both are easy to use, but bitwarden is cloud based which makes it more useful in general life.
posted by schyler523 at 10:29 AM on January 20

If you spend a regular amount of time on a work/school/organizational computer that has firewalls/blocked sites, make sure the one you choose is permitted. My work PC blocks some but not others, for [reasons], I guess?
posted by DirtyOldTown at 11:19 AM on January 20

I use the one written by MeFi's own Lanark (Simon Sheppard) although modified a bit to suit my needs. I don't know that I'd recommend it to someone who isn't on the nerd-spectrum, however.
posted by It's Never Lurgi at 11:58 AM on January 20

I'm a happy free tier BitWarden user as well. I think I found it recommended here on the green.
posted by kathrynm at 3:51 PM on January 20

I used to use Lastpass but got frustrated with the experience, particularly on Android. Now using 1Password and much prefer it.
posted by chrispy at 4:27 PM on January 20

I like and have paid for 1Password for years. Now have a family plan so me and Mrs Fabius can share joint stuff.

I’ve seen speculation that their latest round of big funding, and the announcement, makes it sound like they’re going to start focusing more on “enterprise”, but no one knows if that will mean anything better or worse for ordinary (non-enterprising?) users.
posted by fabius at 5:20 AM on January 21

I have used LastPass for roughly 10 years with a paid subscription. It has worked well, no problems, though the software is a little kludgey at places - e.g., some of the options/preferences screens look like they are from the 1990s web and are hard to understand.

There is a huge amount of bad feeling for LastPass out there on the more technical/crypto discussion groups. A lot of this seems to be related to the the fact that LP is more "closed source" than 1Password, and the technical folks believe that open source is better for spotting/fixing flaws, etc. I don't know enough to assess that debate, just pointing out that it exists. But, I think that some of that bad feeling gets ramped up into alarmism about anything that happens with LP.

I have thought about switching to 1Password from time to time but have always gotten hung up in the complexity of the account creation process. Maybe they've made that easier?
posted by Mid at 6:06 AM on January 22

Response by poster: Thanks everyone for all ur help!
posted by LOOKING at 6:42 AM on January 23

« Older Online brokerage screwup cost me money. What can...   |   Soups & stews that freeze well Newer »

You are not logged in, either login or create an account to post comments