Great advantage of BitWarden and KeePass is that they are open source. Lastpass is not an open source, but has available in freemium attractive options like country restriction and cloud backup for their authenticator app.
Time for new Password Manager
- Thread starter reystar
- Start date
- Status
I'm currently using 1Password. It is no problem that you don't have 2FA because with a 1Password membership you got a secret key.
Security - 1Password
It works flawlessly on all my deviced. I'm using an iPhone an Macbook and a Windows PC. It also supports TOTP which is great
Security - 1Password
It works flawlessly on all my deviced. I'm using an iPhone an Macbook and a Windows PC. It also supports TOTP which is great
Theoretically. But who does that (besides those who would seek to exploit a flaw). And how long would it take?
Not to overlook, but if you're using Windows/Mac/iOS/etc., your OS isn't open source. Even the most "secure" program is no better than its underlying OS.
F
ForgottenSeer 58943
Hello folks
i feel the need to move to a new password manager after couple years of using Lastpass, not because that Lastpass is not good enough, it's that i need a change...
I have been looking a few ones like
BitWarden, 1Password, Dashlane so far are the ones i liked the most..
What do you recommend?
BitWarden is new and open source, seems really nice.
1Password is also nice, but i have concerns about the fact that there is no 2FA
Dashlane is also nice (lol)
The bad;
Dashlane - over the top logging/telemetry that makes me uncomfortable. Expensive. Shoddy support. Uses AWS.
1Password - no true TFA. Expensive. Several exploits found. Uses AWS, AWS API and AWS Cryptos.
PasswordBoss - buggy (back when I tried it), expensive, poor support, very buggy phone apps. AWS, AWS API, AWS Crypto.
Lastpass - No.. Please no.
Roboform - major security issues that have been well documented. Otherwise I like it and it doesn't use AWS or AWS keys.
The good;
Stickypassword - no compromises/exploits in their history. Stable, reliable and cheap with decent support. Uses AWS but not the AWS API and Cryptos.
Bit Warden - fantastic reliability/function, amazing support. Avoids AWS for security reasons, uses Azure but not Azure Crypto libraries. Zero Knowledge. OPENSOURCE.
Also don't overlook location/jurisdiction;
1Password - Canada
LastPass - USA (VA no less, wink)
Roboform - USA (VA again..)
StickyPassword - Czech Republic
Bit Warden - USA (Oklahoma) - but Opensource, review the code/libraries yourself.
Dashlane - USA (NYC)
PasswordBoss - USA (Minnesota)
Last edited by a moderator:
I use Dashlane Premium (among others) and have a 1Password account that was retained after a family account trial expired. But 1Password is not as good as the other password managers I use. However, my brother swears by 1Password on his Apple MacBook and iPhone. He is not willing to try another PM.
LastPass is introducing a family account this summer which should be interesting.
Optionally, you can sync SP over your local LAN and avoid the 'net altogether. Works for me. I'm not a big fan of having my passwords stored in the cloud.
It uses a secret key which is the same with high entropy. Even if you are using a password like 1234 a hacker can't access your vault because they still need the secret key which is only on your device.
Could you explain the exploits and AWS etc a little bit more? I only know that 1Password has never been hacked compared to services like Lastpass.
True but it is not as comfortable as services like Enpass or 1Password. Also, iOS apps are not that good and setting it up so that you can use it in your browser is also not that easy.
Can't speak for Mac or iOS. But use the browser addons over all my workstations, hassle free. No matter if firefox or chrome...
Just an opinion:
1). I don't like web control of my passwords, so I choose to use ones that are confined to the desktop insted of on line.
2). If the password manager doesn't do autofill on web forms. I don't want it.
3). If the GUI is kinda funky, or hard to use...Just say no.
4). I don't need synch, so my choice will probably cost nothing.
***SO this leaves me with 2 choices... Dashlane (Which I love).... And Sticky Password (Which is my 2nd choice)
1). I don't like web control of my passwords, so I choose to use ones that are confined to the desktop insted of on line.
2). If the password manager doesn't do autofill on web forms. I don't want it.
3). If the GUI is kinda funky, or hard to use...Just say no.
4). I don't need synch, so my choice will probably cost nothing.
***SO this leaves me with 2 choices... Dashlane (Which I love).... And Sticky Password (Which is my 2nd choice)
Thanks for the tips i always enjoy when I read your comments
I decide to remove LastPass and use bitwarden but is there any way that I import those password from the last pass to this new pass manager?
A
antreas
- Status
You may also like...
-
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers- Started by Andy Ful
- Replies: 125
-
-
Password Managers: Essential Security Tool or a Massive Risk?- Started by Bot
- Replies: 9
-
1Password says it has a solution for AI agents leaking your passwords- Started by lokamoka820
- Replies: 4
-
What are some secure password manager options for Windows, Android and IOS?
- Started by Lad With a Dad
- Replies: 26