this post was submitted on 05 Jul 2023
6 points (100.0% liked)

Android

27856 readers
34 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules

1. All posts must be relevant to Android devices/operating system.

2. Posts cannot be illegal or NSFW material.

3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.

4. Non-whitelisted bots will be banned.

5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.

6. Memes are not allowed to be posts, but are allowed in the comments.

7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.

8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.

Community Resources:

We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.

Our Partner Communities:

!android@lemmy.ml

founded 1 year ago
MODERATORS
MargotRobbie@lemmy.world
Rooki@lemmy.world
Thekingoflorda@lemmy.world
L3s@lemmy.world
_MoveSwiftly@lemmy.world
6
Opinion - What are your thoughts on password managers? Do you use one? Would you recommend it to others? (lemmy.ca)
submitted 1 year ago by Kagathara@lemmy.ca to c/android@lemmy.world
32 comments fedilink hide all child comments
 
top 32 comments
sorted by: hot top controversial new old
[–] art@lemmy.world 2 points 1 year ago (1 children)

Everyone should be using a password manager. Every service should have a different password (and some service should have several passwords) and it's impossible for the average person to keep track of all of those. Every time I hear about someone losing control of an account it's because they were using the same password as another service.

I recommend:

  • KeePassDX: Can be completely offline. Probably the most secure but can be a little awkward to use sometimes.
  • Bitwarden: Cloud based but open source. You could run a server but the main service offers MOST of the features for free.

Your mileage may very with some of the proprietary platforms. However my job uses 1 Password and it seems to be fairly safe.

[–] ErwinLottemann@feddit.de 0 points 1 year ago

Vaultwarden is a selfhostable bitwarden implementation where all the features are free. (Some are not implemented, though)

[–] oatmilkmaid@possumpat.io 2 points 1 year ago

Bitwarden all day every day. I don’t even know any of my passwords because they’re all randomly generated. Try to guess my password now hacker man

[–] RealFknNito@lemmy.world 2 points 1 year ago (3 children)

KeePassXC here. Locally encrypted, Locally stored, cloud backup of an encrypted file, synced with SyncThing to mobile devices. I will never trust nor recommend a cloud based manager with all the breaches.

[–] thurstylark@lemm.ee 1 points 1 year ago

Yeah, KeePassXC + SyncThing all day every day. Can't in good conscience trust someone else with my sensitive data, even if I encrypt it before it gets to their servers. My database is keys-to-the-kingdom level shit.

[–] Decoy321@lemmy.world 0 points 1 year ago

This is the way.

[–] innkeeper@lemmy.world -1 points 1 year ago

This is the way.

[–] cordlord@eviltoast.org 1 points 4 months ago

I know a lot of people are saying Bitwarden, but I've been using 1Password for 4 years and Bitwarden just isn't a viable replacment.

1Password looks much more modern and their organizational tools are not present at all in Bitwarden. I can't even sort by date created or modified in Bitwarden.

Not using a password manager is like not having locks on a house. Everyone should have one and if you don't, you're risking a lot of valuable stuff being taken from you.

[–] kalipike@lemmy.one 1 points 1 year ago* (last edited 1 year ago)

A password manager is an absolute must, in my opinion! I use Bitwarden and love it.

[–] Robboman93@lemmy.world 1 points 1 year ago

Bitwarden is really great imo.

[–] Tyr3al@feddit.de 0 points 1 year ago

It’s 1Password for me. Looks good, works good and is available for every platform that I use.

For work I use KeepasXC and Bitwarden+Vaultwarden as well.

[–] wasabi@feddit.de 0 points 1 year ago

If you are not using a password manager you are doing it wrong.

[–] rknize@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (1 children)

Went LastPass (avoid) -> 1Password -> Bitwarden. Pretty happy with BW, as it has reasonable integrations on Android. Prior to that, i was using a UNIX tool called "pass", which used GPG and allow some degree of organization. I still use it for some stuff.

[–] zerotime@feddit.de 0 points 1 year ago

I would not recommend cloud based password manager. We all know what happened to LastPass. But locally encrypted ones are great. I love to use KeePassXC.

[–] Kissaki@feddit.de 0 points 1 year ago

Using different passwords for different services protects you against data leaks opening attack vectors for all your services as well as malicious actors using your passwords like that as well as phishing impact.

A password manager is a must for reasonable security.

I use keepass. Local DB file with Master password. No hosted service or Browser extension is another layer of protection, of risk reduction. I manually copy/sync the DB file via cloud storage as a backup and for mobile use.

I use Browser password storage selectively. The most critical stuff definitely only belongs into my memory and password database.

[–] heimlichmanure@lemmy.world 0 points 1 year ago (1 children)

Using a password manager was a game changer for me and I recommend it to everyone. I use both Bitwarden and 1Password. I find Bitwarden to run better on Android and 1Password better on iOS. But both are the best password managers in my opinion.

[–] IuseArchbtw@feddit.de 0 points 1 year ago

That's weird. I was using iOS some time ago and I figured Bitwarden is way more smooth on iOS than android

[–] lka1988@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (1 children)

KeePass user here for.....a long-ass time. Won't use anything else. Official KeePass 2.x on my computers, and KeePass2Android on my phone. The database is synced to my Google Drive, and a strong passphrase plus a key file keeps it nice and secure.

[–] nerdovic@feddit.de 0 points 1 year ago

Same here, using KeePass2Android and a WebDAV Share to host my DB.

[–] rustydomino@lemmy.world 0 points 1 year ago (1 children)

I use 1password. I heard that Apple uses 1password internally. I figure their IT guys are more expert than me, a random internet dude. So I chose 1password. Works great on desktop, mobile, and even Linux. Family plan is a good deal. You can even share passwords between users for common things like bank accounts, etc, between family members.

[–] Roxxor@feddit.de 0 points 1 year ago

Source? Wouldn't Apple use it own password manager?

[–] M0oP0o@mander.xyz 0 points 1 year ago (1 children)

Does a sheet of paper count as a password manager?

[–] Roxxor@feddit.de 0 points 1 year ago

Not as a secure one at least.

[–] zephyr@lemmy.world 0 points 1 year ago (1 children)

Trust no one. Not because you're paranoid, but because you don't need to.

Trust no one and just use KeePassXC.

[–] Roxxor@feddit.de 0 points 1 year ago

So you trust the KeePassXC developers. Im also using KeePassXC, but saying "trust no one" is BS. Except you audited the code yourself, which I doubt.

[–] overfox@feddit.de 0 points 1 year ago

Started with LastPass, used it for 10 years. Switched to Bitwarden a while ago, would never go back.

[–] nopsurfer@lemmy.world 0 points 1 year ago (1 children)

Yes, they should be used. KeepassXC FTW

[–] willeypete23@reddthat.com 0 points 1 year ago (1 children)

There's an exploit that will dump all you passwords as raw text as a feature

[–] 0laura@lemmy.dbzer0.com 1 points 1 month ago

can you elaborate?

[–] nyternic@lemmy.world -1 points 1 year ago

I do not trust password managers. There's a saying that goes 'do not put all of your eggs in one basket' and that's what I don't do. Mobile, Desktop, whatever, I don't use a single password manager. It wasn't long ago that a password management company was compromised, right? What are the odds that similar circumstances could happen on another password management company? It'd be a disaster.

Whatever happened to just simply having a notepad program/app and documenting your passwords onto there?

Ironic to the contrary, I've caught myself using browsers such as chrome to save my passwords for easier log in. But that's simply out of my decaying memory due to age, not necessarily because I have a bias with Google and I trust them with everything. I still don't trust them with everything.