Vaultwarden for work, KeePass and KeePassDroid for private use.
this post was submitted on 15 Jun 2023
198 points (100.0% liked)
Privacy Guides
17040 readers
56 users here now
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
- We prefer posting about open-source software whenever possible.
- This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
- No soliciting engagement: Don't ask for upvotes, follows, etc.
- Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
- Be civil, no violence, hate speech. Assume people here are posting in good faith.
- Don't repost topics which have already been covered here.
- News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
- Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
- No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
- No misinformation: Extraordinary claims must be matched with evidence.
- Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
- General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Additional Resources:
- EFF: Surveillance Self-Defense
- Consumer Reports Security Planner
- Jonah Aragon (YouTube)
- r/Privacy
- Big Ass Data Broker Opt-Out List
founded 2 years ago
MODERATORS
Self hosted Bitwarden is the bees knees.
Bitwarden. I left LastPass about 3 years ago and haven’t looked back. I pay for bitwarden so I can use the TOTP feature and because i can’t wrap my head around the recovery process for my wife if something were to happen to me. I think another, more technically fluent human will need to be involved if that ever comes to pass.
load more comments
(2 replies)
I've been using keepass on PC and KeepassDX on Android.
Bitwarden, easily. You can self host if you want to for added privacy. I don't, but the option is there.
I just lead the migration from LastPass to 1Password for the business I work at. It was really prompted by the breaches at LP and their poor handling of it. For personal stuff, I just did whatever I was doing at work because the business plans come with free licenses for personal accounts.
Bitwarden, I use it everywhere. I even wrote a Bitwarden app for my Linux phone.
load more comments
(1 replies)
I use Bitwarden and honestly couldn’t be happier. My partner and I both use it, so it’s incredibly easy to share any credentials we both need to use. It also works great on every platform I’ve personally tried it on, and I like that I can use it for totp 2fa as well.
I use OneNote, with a bunch of coded words that mean other things and mix and match those to make longer passwords that are all different. Because I'm too lazy for a real app, and this is secure enough and useful enough.
It might be a minimal effort to set up. But afterwards any pw-manager will propably save you lots of effort.
Bitwarden enjoyer here
I’m currently hosting Vaultwarden, an implementation of Bitwarden. It’s working perfectly so far.
I use pass but recommend Bitwarden when people ask for a recommendation.
When using pass, if you have a lot of devices and forget to sync at times you better know at least basic git lol.
Do you use pass on any mobile devices & do you find the need to use any of the browser extensions made for it? I am just looking at it right now and it seems really fascinating I will say.
Mobile apps:
- Android (use daily w/ YubiKey): https://github.com/android-password-store/Android-Password-Store
- IOS (not tried): https://mssun.github.io/passforios/
Browser extension is a bit more complicated as you have to have a helper running for the extension to connect to, but it does exist: https://github.com/browserpass/browserpass-extension
load more comments
(2 replies)
load more comments
(2 replies)
pass
I like the fact that it is a minimal and simple program that does one thing, and does it well. If you already use GnuPG for encryption, you will get used to it quickly.
The only downside for me is that it doesn't encrypt password names, only the content.
It also has many plugins and android/ios apps.
I would like to highlight the browserpass extension for Chrom(e|ium) and Firefox (and derivatives) which allows you to enter credentials into web pages without having to copy from a terminal.
i’m using KeepassXC!
I'm very surprised at how web centric some of these answers are. I have so many passwords that have nothing to do with a web site.
"Google Chrome" is not gonna type in the bitlocker password on a dual boot system everytime there's a kernel update :p.
Get yourself a mooltipass :D
- Bitwarden for my Passwords.
- Keepass for my password for Bitwarden.
- An master password + picture(key) combination for access to my keepass.
What does the intermediate step add?
Not the guy you are replying to, but it would allow the user to create a very strong password for Bitwarden, and use an easier one to remember for Keepass, since Keepass would still require a key file to open the database.
I kind of like the idea, actually! LOL
Bitwarden for several years.
Same here. I used to have LastPass, but after their privacy fiasco, I moved to Bitwarden, which I find to be rock solid. The fact that it's open source helps me feel more at ease that they won't pull any crap as easily as other password managers.
I've been using Bitwarden, but the second proton releases proton pass to the public I'll try to switch
Personally, bitwarden because of the browser addon, and then KeepassXC to store the 2FA recovery codes
Bitwarden after lastpass started charging for the same service
I use KeePassXC in my linux desktop, KeePassDX in my android smartphone and syncthing-fork/syncthing to sync modifications between all devices. The encrypted database (long passphrase generated with Diceware method) never goes online. I also use yubikeys and multi factor auth for all important accounts
Well, ahem, I use index-cards in a box. Never looses batteries - totally hack-proof !
Keepass with a separately stored keyfile and an otherwise shared passwordDB. Keepass2Android makes the bridge into Android.