Android

If you are not using a password manager you are doing it wrong.

I've used 1Password for years. Works well on all my devices (MacBook and Samsung Galaxy phone). I'd absolutely recommend you use one.

Not only are they great for handling complex passwords, but a benefit I've not seen mentioned here is that they are a way of just keeping track of just how many sites and accounts you've registered with.

For example - You buy one product once from an online store, save a password so you can monitor the order status but never use that site again. Before I used 1Password I'd just have forgotten I'd even used that site. But now I can just look down my 1password account and see a whole list of all these passwords and accounts ive created. And there's loads. You forget just how many online accounts and passwords you have out there.

I absolutely use one and regret I didn't use one earlier. I remember so often how I had to reset my passwords for different sites. Now every password I super complex because I don't have to remember it.

I use keepass 2 with a self hosted nas for the main flle .

KeePass. Putting your passwords on someone else's webserver is just asking for trouble.

Butwarden. Always Bitwarden. Just like almost everyone else in here it seems like.

I use 1Password because I got my wife to use it. The paid plan is worth it just for the fact that she also uses it. If it was just myself, I would probably self-host Bitwarden.

Switched from LastPass to 1Password after their ridiculous security breaches and haven't looked back. 1Password also kindly gave me the first year free after sending them my LP invoice.

Keepass + Syncthing awesome combination

I use pen and paper... yup.

I've used Dashlane for a few years now and I can't say there are any issues with it at all.
I used to just use a list stored in Google Keep, "encrypted" in such a way that only I knew what the passwords were. That got really old.

I use Chrome password manager. Is there any difference to this vs. Bitwarden or other services? Chrome is super convenient since it suggests passwords in browser while signing up and auto-inputs them to apps/websites cross platform. And also integrates with GBoard to quickly search password to copy into a field.

Not sure if Bitwarden has any additional features other than the benefit of not keeping all my info with Google. Or if it's less convenient and I have to go into the Bitwarden app or something everytime to look up or generate passwords?

Use KeePass!! It's an opensource, offline if you'd like, password manager that doesn't trust any third party servers to manage your sensitive information. https://keepass.info/

Using a sheet of paper right now, am in the process of switching to a self-written password manager. It uses Vigenere encryption using a key that is not saved anywhere (that I have to remember) and saves to a .dat file. Should I use my own tool or a service?

I used to use Bitwarden and it's a great App but you need to export your saved password list frequently somewhere safe just in case.

I now use Safe In Cloud, the backup can be restored from their servers.

Afaik, the backups encrypted and Safe In Cloud have no access anyway, check out the Playstore reviews for more details.

https://play.google.com/store/apps/details?id=com.safeincloud.free

I just completed a study of Enterprise password management and move my company from LastPass to BitWarden.

1password was a close second.

Used last pass for years until they decided no account sync for free users now I use bitwarden which I find is fantastic.

Definitely recommend using one. Don't have a preference for any particular one, I use Google's for simplicity sake. But unless you have a complicated system that allows you to have different passwords for every online service (or maybe if you have a great memory) it's simply more secure to use a password manager. Most sites have emails as logins, and if you reuse the same email/password combination you're just asking for trouble for when one day one of those sites get hacked, your password is sold, and someone spams your combo across all popular services and somehow ends up in your bank.

Started with LastPass many years ago - but has changed to 1Password just last week.

Bitwarden and Dashlane were close contenders, but I found that 1Password's sharing feature was better in my usage scenarios.

Yes, 100%... In fact, I often do recommend it to others. Personally I use Bitwarden (paid account even) but I've also recommended 1pass to apple only users because it fits well in that ecosystem.

You can use them to generate a different password for each and every login. And it's really just random letters, number and special characters. That one site gets compromised? They can't then use those credentials to login anywhere else.

You don't have to remember those passwords. Passwords that are easy to remember are probably found in dictionary attacks. You know what's not? Wt2Pwi#$a@Nzeq7*8UwSJ7sTsMKdC!HSGZZ7JnzCtxhfCfFCiXP&FD!yM!c^$DisSR@2 (which I just generated with bitwarden)

2-factor auth is also really easy with most password managers and makes logging in with 2-factor auth easy. I hit one hotkey to fill in the web form with my username/password, hit enter to login and then it auto-copies my TOTP code so I can just paste it and go. Super secure but super easy.

You go to a phishing site? Guess what, a good password manager will store the url and if it doesn't match, that should be your first red flag. If I end up at g00gle.com instead of google.com, it won't show as having a login available.

it is has become so much easier to manage my password after I started to use bitwarden it is just convenient

It’s 1Password for me. Looks good, works good and is available for every platform that I use.

For work I use KeepasXC and Bitwarden+Vaultwarden as well.

I used Bitwarden, I just signed up for pro last month. I like that it’s cross platform and there’s a web app too I believe.

I'm not going to say whether it's the best or not because I have not compared, but I have used Keepass2Android for years which seemlessly integrates with my cloud storage and key files (stored offline), has useful randomized password generation, and is overall unobtrusive

I've used password managers for as long as I've used the internet. I find it absolutely essential.

If you're not currently using one, it's likely that as the number of your login credentials increase, bad habits will increase. So it's probably better to use a password manager any way.

If you're using good, separate password, saving logins in the browser might work for you too. In that case I'd suggest you read up on the security your browser provides, ability to sync, migrate etc.

I personally moved to Bitwarden from 1Password due to the cost, and I believe for an average user, Bitwarden is definitely the way to go as it is very value-friendly (at $10 USD/year), and it is open-sourced unlike many other proprietary password managers. 1Password may get more features, however it being $3.99 USD/month, many users don't need the extra security features and I strongly believe that common sense is the best security for any user.

Does a sheet of paper count as a password manager?

I use Bitwarden with some trepidation. I keep hoping that eventually Proton Pass morphs into something that seems even more secure but right now it's pretty basic.

I haven't heard anyone mention Google password manager, which is the one I started using recently. I assume very few people trust it because... Google?