redsworn

Level 3
Verified
If LastPass got hacked somehow, they would have passwords from tens of millions of users, it would be a world-wide disaster and hit the news. The chances are next to zero that they would get money out of your bank account before you had a chance to change the password. The chances are much greater that you will get locked out of your own bank account by losing your password due to a user mistake or a computer disaster, because it wasn't backed up to the cloud.
You're short sighted by the the fact that KeePass is an offline password manager. Well, actually with something like KeePass you can put your DB anywhere you want.
Put it on as many as cloud services. You can!
Put it on your personal/private cloud server. You can!
Your hands are not bound to certain shackle. So when one of those cloud services facing some issues or even goes under, you're not automatically doomed.
 

Umbra

Level 25
Verified
You're short sighted by the the fact that KeePass is an offline password manager. Well, actually with something like KeePass you can put your DB anywhere you want.
Put it on as many as cloud services. You can!
Put it on your personal/private cloud server. You can!
Your hands are not bound to certain shackle. So when one of those cloud services facing some issues or even goes under, you're not automatically doomed.
You are a bit short-sighted as well :p
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services (for example, Bitwarden allow syncing on both PC and Android).
So personally i recommend to have both in case of. I use Bitwarden as main tool and also have my local (keepass) DB available.
 
Last edited:

Local Host

Level 19
Verified
You are a bit short-sighted as well :p
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services (for example, Bitwarden allow syncing on both PC and Android).
So personally i recommend to have both in case of. I use Bitwarden as main tool and also have my local (keepass) DB available.
That doesn't make sense.
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
I wonder how you intent to keep the DB updated, are you going to export it constantly? Not to mention it needs to be converted for KeePass DB (something you also going to do constantly?).
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
What inconvenient? Keeps my DB updated 24/7 across my devices without me having to touch anything (much like how browsers sync settings and favorites across devices) What constrains? I have the DB locally regardless if the cloud service is up or down.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services
Again makes no sense, we can use whatever cloud services we want to sync across devices (something I already do between my Phone and Desktop).

The only constrains I see is of people using services like LastPass, where they don't have full control over their DB (not even access to it) if something goes wrong (like is happening now).
 
Last edited:

Umbra

Level 25
Verified
That doesn't make sense.
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
1- I wonder how you intent to keep the DB updated, are you going to export it constantly?
2- Not to mention it needs to be converted for KeePass DB (something you also going to do constantly?).
1- I dont know for you, but personally, i dont register in 20 sites a day, my last registration in a new site was 3 month ago...so no, not a big deal.
2- you have nothing to do, when you export the DB, you just select the output format, and you have 3-4 Keepass format options, took one click...,still not a big deal...

1- What inconvenient? Keeps my DB updated 24/7 across my devices without me having to touch anything (much like how browsers sync settings and favorites across devices)
2- What constrains? I have the DB locally regardless if the cloud service is up or down.
1- So do i with Bitwarden, but i dont need to open a an app like with Keepass or export the DB, one click from the any browser where the extension is installed.
2- so do i with Bitwarden, exported database in a local file accessible whenever i want.

Again makes no sense, we can use whatever cloud services we want to sync across devices (something I already do between my Phone and Desktop).
You miss the point, it isn't about some user finding some workarounds like we do, it is about built-in functionality and convenience.
I don't know for you but i find it more convenient on my android device to have Bitwarden fill my password instead of retrieving my keepass database manually from my cloud service app then copy-paste the credentials...
Btw, if you know a way for Keepass to fill credentials on a smartphone directly in the login page, please tell us how to do so. would be useful.

The only constrains I see is of people using services like LastPass, where they don't have full control over their DB (not even access to it) if something goes wrong (like is happening now).
Reason cloud services offers you to export them to another services or Keepass-like apps. So you have a backup. Then i don't see much problem.
Keepass and alike are indeed safer but at the price of reduced convenience than cloud services, Average Joe want convenience and ease of use (same as with AVs), reason Lastpasss is way more popular despite some security issues or outages or like this one.

I use both, a cloud service (Bitwarden) and a local manager (KeePass), so i have all my angles covered, i found both useful and they fill both my needs depending the situation. Cloud services are just more convenient, that is it.

One question, did you ever intensively used a cloud password manager service?
 
Last edited:

DDE_Server

Level 12
Verified
1- I dont know for you, but personally, i dont register in 20 sites a day, my last registration in a new site was 3 month ago...so no, not a big deal.
2- you have nothing to do, when you export the DB, you just select the output format, and you have 3-4 Keepass format options, took one click...,still not a big deal...


1- So do i with Bitwarden, but i dont need to open a an app like with Keepass or export the DB, one click from the any browser where the extension is installed.
2- so do i with Bitwarden, exported database in a local file accessible whenever i want.


You miss the point, it isn't about some user finding some workarounds like we do, it is about built-in functionality and convenience.
I don't know for you but i find it more convenient on my android device to have Bitwarden fill my password instead of retrieving my keepass database manually from my cloud service app then copy-paste the credentials...
Btw, if you know a way for Keepass to fill credentials on a smartphone directly in the login page, please tell us how to do so. would be useful.


Reason cloud services offers you to export them to another services or Keepass-like apps. So you have a backup. Then i don't see much problem.
Keepass and alike are indeed safer but at the price of reduced convenience than cloud services, Average Joe want convenience and ease of use (same as with AVs), reason Lastpasss is way more popular despite some security issues or outages or like this one.

I use both, a cloud service (Bitwarden) and a local manager (KeePass), so i have all my angles covered, i found both useful and they fill both my needs depending the situation. Cloud services are just more convenient, that is it.

One question, did you ever intensively used a cloud password manager service?
Keepass2anfrood has autofill suggestion In another app
 

shmu26

Level 84
Verified
Trusted
Content Creator
LastPass seems to me much more secure on the client side. When I start up my browser and log onto websites, my LastPass email address is hidden. And so is my master password.
But with Bitwarden, every time I start up my browser, I must enter my master password, and my Bitwarden email address is displayed right on top of it. So if my system is compromised, I just gave away all my login credentials for all websites. Nothing could be worse.
IMO it is much more likely for a local system to be compromised than it is for the LastPass data base to be compromised, so I see LastPass as more secure than Bitwarden.
 

The Cog in the Machine

Level 11
Verified
For me, I don't want to access passwords in my browser (like lastpass and Bitwarden). Having a desktop program (like sticky password) is more secure (I guess). At least it makes me feel much more comfortable. Now I am using Enpass and it is synced to my Personal OneDrive.
 

Handsome Recluse

Level 22
Verified
I got nasty spam and the only thing I signed up for using that email was Lastpass while using Yandex Browser which annoyingly autosaves passwords by default.
This is circumstantial though.
 

The Cog in the Machine

Level 11
Verified
Do you use 2FA on every site? I don't.
1Password notifies you if the website supports 2FA and recommends you to enable it. I have 2FA enabled on every single website that supports that feature. 2FA keys are added to the password manager and to Authy as a backup plan in case a disaster happens so I don't get locked out.