9
Bitwarden all day every day. I don’t even know any of my passwords because they’re all randomly generated. Try to guess my password now hacker man
this post was submitted on 05 Jul 2023
9 points (100.0% liked)
Android
30214 readers
96 users here now
DROID DOES
Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules
1. All posts must be relevant to Android devices/operating system.
2. Posts cannot be illegal or NSFW material.
3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.
4. Non-whitelisted bots will be banned.
5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.
6. Memes are not allowed to be posts, but are allowed in the comments.
7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.
8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.
Community Resources:
We are Android girls*,
In our Lemmy.world.
The back is plastic,
It's fantastic.
*Well, not just girls: people of all gender identities are welcomed here.
Our Partner Communities:
founded 2 years ago
MODERATORS
KeePassXC here. Locally encrypted, Locally stored, cloud backup of an encrypted file, synced with SyncThing to mobile devices. I will never trust nor recommend a cloud based manager with all the breaches.
Yeah, KeePassXC + SyncThing all day every day. Can't in good conscience trust someone else with my sensitive data, even if I encrypt it before it gets to their servers. My database is keys-to-the-kingdom level shit.
This is the way.
Oh yeah, someone, finally :D KeepassXC on PC, KeepassDX on Android, Syncthing for synchronization. I like when my password is just one file, that I can easily backup, not some cloud thing 🙂
This is the way.
Everyone should be using a password manager. Every service should have a different password (and some service should have several passwords) and it's impossible for the average person to keep track of all of those. Every time I hear about someone losing control of an account it's because they were using the same password as another service.
I recommend:
- KeePassDX: Can be completely offline. Probably the most secure but can be a little awkward to use sometimes.
- Bitwarden: Cloud based but open source. You could run a server but the main service offers MOST of the features for free.
Your mileage may very with some of the proprietary platforms. However my job uses 1 Password and it seems to be fairly safe.
Vaultwarden is a selfhostable bitwarden implementation where all the features are free. (Some are not implemented, though)
Been using the Firefox password manager ever since I've been using Firefox on all devices. Used Firefox clockwise before that. Planning to switch to a self hosted vaultwarden+bitwarden setup. Any guides or pointers are welcome.
I’m going to suggest the lessor known option, Enpass, I’ve used it for maybe eight years? I paid a one off fee at the time. It’s multi platform, windows, iOS, Linux etc. It has browser plugins, there’s a Flatpak option so it’s handy for my Linux distrohopping. It supports passkeys and one time codes and you can store the data in any cloud you want..
Bitwarden is really great imo.
Selfhosting it is even better
I use 1Password atm, but want to switch either to Proton or something selfhosted.
A password manager is an absolute must, in my opinion! I use Bitwarden and love it.
I know a lot of people are saying Bitwarden, but I've been using 1Password for 4 years and Bitwarden just isn't a viable replacment.
1Password looks much more modern and their organizational tools are not present at all in Bitwarden. I can't even sort by date created or modified in Bitwarden.
Not using a password manager is like not having locks on a house. Everyone should have one and if you don't, you're risking a lot of valuable stuff being taken from you.
Password manager-less life with notebooks and reused passwords is life in the stone age. If you or anyone you know isn't using one, get on bitwarden.
Everyone knows why password manageras are absolutely essential, but here's an often neglected perk: I can list every site I ever signed up to. Wanna delete some old accounts? "Did you sign up to X yet?" Simples.
I'm in the Bitwarden camp. There is no other way for me to have complex/secure passwords and remember them for my gazillion accounts.
KeePass user here for.....a long-ass time. Won't use anything else. Official KeePass 2.x on my computers, and KeePass2Android on my phone. The database is synced to my Google Drive, and a strong passphrase plus a key file keeps it nice and secure.
Same here, using KeePass2Android and a WebDAV Share to host my DB.
Yes, they should be used. KeepassXC FTW
There's an exploit that will dump all you passwords as raw text as a feature
I use 1password. I heard that Apple uses 1password internally. I figure their IT guys are more expert than me, a random internet dude. So I chose 1password. Works great on desktop, mobile, and even Linux. Family plan is a good deal. You can even share passwords between users for common things like bank accounts, etc, between family members.
Source? Wouldn't Apple use it own password manager?
Does a sheet of paper count as a password manager?
Not as a secure one at least.
Trust no one. Not because you're paranoid, but because you don't need to.
Trust no one and just use KeePassXC.
So you trust the KeePassXC developers. Im also using KeePassXC, but saying "trust no one" is BS. Except you audited the code yourself, which I doubt.
Started with LastPass, used it for 10 years. Switched to Bitwarden a while ago, would never go back.
It’s 1Password for me. Looks good, works good and is available for every platform that I use.
For work I use KeepasXC and Bitwarden+Vaultwarden as well.
If you are not using a password manager you are doing it wrong.
Went LastPass (avoid) -> 1Password -> Bitwarden. Pretty happy with BW, as it has reasonable integrations on Android. Prior to that, i was using a UNIX tool called "pass", which used GPG and allow some degree of organization. I still use it for some stuff.
What's wrong with LastPass?
https://www.theverge.com/2022/12/22/23523322/lastpass-data-breach-cloud-encrypted-password-vault-hackers That's why LastPass isn't save.
I would not recommend cloud based password manager. We all know what happened to LastPass. But locally encrypted ones are great. I love to use KeePassXC.
Using different passwords for different services protects you against data leaks opening attack vectors for all your services as well as malicious actors using your passwords like that as well as phishing impact.
A password manager is a must for reasonable security.
I use keepass. Local DB file with Master password. No hosted service or Browser extension is another layer of protection, of risk reduction. I manually copy/sync the DB file via cloud storage as a backup and for mobile use.
I use Browser password storage selectively. The most critical stuff definitely only belongs into my memory and password database.
Using a password manager was a game changer for me and I recommend it to everyone. I use both Bitwarden and 1Password. I find Bitwarden to run better on Android and 1Password better on iOS. But both are the best password managers in my opinion.
That's weird. I was using iOS some time ago and I figured Bitwarden is way more smooth on iOS than android
I do not trust password managers. There's a saying that goes 'do not put all of your eggs in one basket' and that's what I don't do. Mobile, Desktop, whatever, I don't use a single password manager. It wasn't long ago that a password management company was compromised, right? What are the odds that similar circumstances could happen on another password management company? It'd be a disaster.
Whatever happened to just simply having a notepad program/app and documenting your passwords onto there?
Ironic to the contrary, I've caught myself using browsers such as chrome to save my passwords for easier log in. But that's simply out of my decaying memory due to age, not necessarily because I have a bias with Google and I trust them with everything. I still don't trust them with everything.