Favourite Password Manager

Chat about Linux in general
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
User avatar
Valsodar
Level 4
Level 4
Posts: 364
Joined: Thu Jul 19, 2018 11:30 pm
Location: Sofia, Bulgaria
Contact:

Re: Favourite Password Manager

Post by Valsodar »

jmorris84 wrote: Mon Sep 12, 2022 9:28 pm Just curious what everyone likes to use and why.
Bitwarden. Because I can have my passwords everywhere with me - Firefox PC, Firefox Android or any other browser that supports extensions.
Core i7-4770, Palit GTX 1660 Ti, 32GB DDR3 RAM, Firefox, Arch LTS w/ Cinnamon 5.2.7
My Linux group on Telegram
Avatar & desktop: https://ibb.co/album/GFx0yV
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

murray wrote: Tue Nov 08, 2022 4:43 pm
Portreve wrote: Tue Oct 04, 2022 8:53 am BitWarden. They offer for-fee as well as free services, the client is open source, and all platforms are supported. Also, the UI is clean and straight-forward.
I switched to Bitwarden (from KeePass) a couple of years ago after seeing it recommended here. Best decision I've ever made. So easy to use on all my devices, imported my old KeePass DB without a hiccup, regularly being updated to add new features (last few updates added a username generator and email aliases), a CLI so you can access your password vault from the terminal and scripts.
I find that most websites are Rejecting the passwords created by Password Generators, so I have to make my own manually.
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
User avatar
Portreve
Level 13
Level 13
Posts: 4882
Joined: Mon Apr 18, 2011 12:03 am
Location: Within 20,004 km of YOU!
Contact:

Re: Favourite Password Manager

Post by Portreve »

While I don't, as a matter of policy, comment on what I do or don't do related to my security, I have to say that Bitwarden building in random username generation is likely a good idea for those who want to be able to maintain public anonymity as well as those who simply don't want to make it obvious which systems they have accounts on.

Personally, I think society at large needs to make the cost associated with being a bad actor (whether individual, commercial, or governmental) so absurdly and, if I may, excruciatingly high, that people thinking about doing these kinds of attacks choose not to. I have gotten to the point that I don't think writing and passing laws, while indisputably necessary, is any longer on its own a sufficient solution.
Flying this flag in support of freedom 🇺🇦

Recommended keyboard layout: English (intl., with AltGR dead keys)

Podcasts: Linux Unplugged, Destination Linux

Also check out Thor Hartmannsson's Linux Tips YouTube Channel
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

Writing Laws,
only has one consequence,

it punishes the innocent,
and the outlaws ignore them
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
Iceberg
Level 1
Level 1
Posts: 17
Joined: Sat Jun 24, 2017 6:46 pm

Re: Favourite Password Manager

Post by Iceberg »

https://www.theguardian.com/technology/ ... mains-safe
Toubba said the company would put in place more security measures and monitoring to detect any more threat actor activity.
Sounds like they’re working to gain more surveillance (spying) on their users. Putting trusts into any companies that have very little or no regulations likely would lead to disasters. Remember what happened to Equifax.

I prefer old fashion painful way of managing by typing and listing my passwords for specific accounts using text or document on a computer that is not connected to the internet (without wifi and ethernet cable unplugged) then save onto encrypted USB using Veracrypt and print them out using laser printer with no wifi, and put both into fireproof safebox locked in my home. I still can memorize some passwords that I use often without repeatedly of accessing my safebox. So after I die, my passwords shall die with me as noted in my will’s directives for my relatives to destroy those in my safebox. I doubt the companies would do the same for you.
GreenIsBest
Level 1
Level 1
Posts: 47
Joined: Sun Sep 19, 2021 11:54 am

Re: Favourite Password Manager

Post by GreenIsBest »

For an actual password "manager" I use KeePass on a airgapped and encrypted old obsolete Android phone, that is only used as a "secret keeper" and 2FA authenticator. The only purpose of this phone is to generate TOTP codes and to provide a digital backup of my passwords.
It is open source (a MUST in my opinion) does not need any internet or cloud shenenigans, but still allows you to easily encrypt and export your database between devices... or upload it to the cloud if you so wish.

Alternatively, a rather unortodox but still technically a "management" trick, is to use hashes of imutable files.
For example, you choose a picture from your album, run it through SHA256 or SHA512, and use the resulting hash as a password. While certainly not foolproof, this has several conveniences.
- You allways get a long, random "password", that is different and unique.
- It's fast and convenient to use; just right-click the picture and hash it.
- You can store and transfer the "secret pictures" in plain sight, like in your social media, without presenting a obvious target.This makes it very easy to backup your secrets, and hard to lose them, as most people regularly backup their memories/photos anyway.
- You only need to remember wich picture matches each account, wich is much easier than trying to remember big passwords.
- You can very easily create even stronger passwords by combining the hashes of >1 picture, and you only need to remember it's combination (ex: mom + puppy + beach).
- Worst case scenario, if you forget wich picture is the "key", you can just hash all your pictures and try them 1-by-1. Then again, so can a hacker, so make sure to use 2FA; but this is still safer that a post-it on the screen or a plain-text file.

Considering how unsafe and amateurish most people's password management is, when they even have any at all, I'd still consider this a straight upgrade despite it's flaws. And for unimportant accounts that you wish to nevertheless keep reasonably safe (ex: online games, generic forums), it has a good balance of security vs convenience. Combined with even the most basic 2FA and a little common sense (the latter allways rarest), this is more than enough for non-critical websites.
Iceberg
Level 1
Level 1
Posts: 17
Joined: Sat Jun 24, 2017 6:46 pm

Re: Favourite Password Manager

Post by Iceberg »

The purpose of 2FA authenticator is for providers or services to identify you then that also could make it easier for hackers to pinpoint you to your jackpot. I wouldn't be surprise there would be 3FA authenticator then there will be 4FA, so on someday. People buying iPhones because they thought they're safe and pro-private but doesn't have a defense against zero-day exploits. I never use my mobile for anything important such as banking. Tech companies shouldn't have too much power collecting your data. Doctors and hospitals have HIPAA law but when they use Microsoft or Google for your data then those tech companies get to have it too and they don't follow HIPAA law. If a password company has all of your passwords then they have all of your passwords for their own "insurance", simple as that.

https://www.youtube.com/watch?v=nbnWdA2JBik
gittiest personITW
Level 12
Level 12
Posts: 4289
Joined: Tue May 28, 2019 4:27 pm

Re: Favourite Password Manager

Post by gittiest personITW »

Well, while we're here, Lastpass has been breached again.
'certain elements of their customers’ information”'' has been accessed but no other details have been given out at this time.
User avatar
Oldun
Level 1
Level 1
Posts: 45
Joined: Sun Jun 09, 2019 10:31 pm
Location: Townsville, Australia

Re: Favourite Password Manager

Post by Oldun »

Bitwarden... easy to use and suits all my platforms. On Ipad I can even use biometric (fingerprint) to access my passwords.
Image
Lenovo T480s i5 Mint Cinnamon Mint 21.2 Victoria
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

Oldun wrote: Sun Dec 04, 2022 6:18 pm Bitwarden... easy to use and suits all my platforms. On Ipad I can even use biometric (fingerprint) to access my passwords.
that and KeepassXC....

just how, do you propose to Export all of the 1,000 passwords from LastPass to either one of those?

I looked at BitWarden and I don't like it
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
acerimusdux
Level 5
Level 5
Posts: 635
Joined: Sat Dec 26, 2009 3:36 pm

Re: Favourite Password Manager

Post by acerimusdux »

These all have export and import features. I switched from Lastpass to Bitwarden a year ago, because several people here recommended it, and I've been very happy with it. The browser extension works very well, just does password management, generates new passwords when needed, and otherwise stays out of the way. Actually simpler and easier than Lastpass even at this point.
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

acerimusdux wrote: Sun Dec 04, 2022 11:09 pm These all have export and import features. I switched from Lastpass to Bitwarden a year ago, because several people here recommended it, and I've been very happy with it. The browser extension works very well, just does password management, generates new passwords when needed, and otherwise stays out of the way. Actually simpler and easier than Lastpass even at this point.
Except for LastPass:

I have tried and tried many times, to find a way to export the passwords, I can't even get it to export a single password, all I can do, is EDIT the one password and view the info, WHILE ON THAT WEB PAGE.

IMO,
there is more bally hoo being made over the supposed hacking of LastPass because other password managers want to claim they are better.

I have never once, in 20 plus years of using LastPass, had one of my passwords hacked.

All I do, is change my password for my bank, and AMEX and Discover Card.
I do NOT bother with any of the websites that I use, and not once, have any of them been messed with.

I have one big Major Gripe with the websites that want you to use a Special variation of Passwords.
using the LastPass Generated passwords, nearly 100% of the time, the websites refuse to accept them, forcing me to think up one just for that website... very aggravating.
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
cliffcoggin
Level 8
Level 8
Posts: 2300
Joined: Sat Sep 17, 2016 6:40 pm
Location: England

Re: Favourite Password Manager

Post by cliffcoggin »

AZgl1800 wrote: Mon Dec 05, 2022 6:15 pm
there is more bally hoo being made over the supposed hacking of LastPass because other password managers want to claim they are better.
It wasn't a supposed hacking, it was a real genuine actual hacking that even Lastpass has admitted. It has nothing to do with the claims of its rivals.
Cliff Coggin
gittiest personITW
Level 12
Level 12
Posts: 4289
Joined: Tue May 28, 2019 4:27 pm

Re: Favourite Password Manager

Post by gittiest personITW »

cliffcoggin wrote: Mon Dec 05, 2022 6:46 pm
AZgl1800 wrote: Mon Dec 05, 2022 6:15 pm
there is more bally hoo being made over the supposed hacking of LastPass because other password managers want to claim they are better.
It wasn't a supposed hacking, it was a real genuine actual hacking that even Lastpass has admitted. It has nothing to do with the claims of its rivals.
It wasn't a supposed hacking of passwords, it was a genuine hacking of customers' information.
acerimusdux
Level 5
Level 5
Posts: 635
Joined: Sat Dec 26, 2009 3:36 pm

Re: Favourite Password Manager

Post by acerimusdux »

AZgl1800 wrote: Mon Dec 05, 2022 6:15 pm
I have tried and tried many times, to find a way to export the passwords, I can't even get it to export a single password, all I can do, is EDIT the one password and view the info, WHILE ON THAT WEB PAGE.
Well where is it failing? Are you getting the CSV file at all?

It's been a year since I did it, but I think this procedure worked for me. Though It's possible I had to make some corrections to the data and don't remember now.
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

acerimusdux wrote: Wed Dec 07, 2022 12:51 am
AZgl1800 wrote: Mon Dec 05, 2022 6:15 pm
I have tried and tried many times, to find a way to export the passwords, I can't even get it to export a single password, all I can do, is EDIT the one password and view the info, WHILE ON THAT WEB PAGE.
Well where is it failing? Are you getting the CSV file at all?

It's been a year since I did it, but I think this procedure worked for me. Though It's possible I had to make some corrections to the data and don't remember now.
No,
I was never able to get the CSV file, that would have solved my problem, I will follow that link.


EDIT: feel stupid now, I never have seen that Advanced Options before, probably because I have my screen set at 200% and the bottom of that menu never showed up.

anyhoo, now I have the .CSV file,
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
acerimusdux
Level 5
Level 5
Posts: 635
Joined: Sat Dec 26, 2009 3:36 pm

Re: Favourite Password Manager

Post by acerimusdux »

AZgl1800 wrote: Wed Dec 07, 2022 12:53 am anyhoo, now I have the .CSV file,
Oh good. Now hope import works. Now that I think about it, when I did mine I may have had to deal with the problem in this warning:
Some users have reported a bug which changes special characters in your passwords (&, <, >, and so on) to their HTML-encoded values (for example, &amp;) in the printed export.
....which could still be a bit of a pain if you really have 1000 passwords. But maybe fixed by now?
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

acerimusdux wrote: Wed Dec 07, 2022 2:16 am
AZgl1800 wrote: Wed Dec 07, 2022 12:53 am anyhoo, now I have the .CSV file,
Oh good. Now hope import works. Now that I think about it, when I did mine I may have had to deal with the problem in this warning:
Some users have reported a bug which changes special characters in your passwords (&, <, >, and so on) to their HTML-encoded values (for example, &amp;) in the printed export.
....which could still be a bit of a pain if you really have 1000 passwords. But maybe fixed by now?
I threw BitWarden in the trash bin,
once the passwords are loaded, you cannot edit or see them again, and it is hell of a lot harder to manage than LastPass.

I trimmed down the passwords to something less than 600, there were 100s that were related to old news websites that I now refuse to use, if they want a password, I am a gone gosling.... piss on that.
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
acerimusdux
Level 5
Level 5
Posts: 635
Joined: Sat Dec 26, 2009 3:36 pm

Re: Favourite Password Manager

Post by acerimusdux »

AZgl1800 wrote: Wed Dec 07, 2022 9:30 am
I threw BitWarden in the trash bin,
once the passwords are loaded, you cannot edit or see them again, and it is hell of a lot harder to manage than LastPass.
It's just a little different layout that you aren't used to yet.

If you are using the browser extension, you just click on the icon when on a website, and it will list any logins for that site. Or just browse through all your logins using the "vault" button on the bottom. To the left of each login entry are icons to view, copy username, copy password, copy verification code. If you click view, it will show the whole entry, but the password will be obscured. To the right of the password is an "eye" icon for toggling its visability. At the top right of the entry is an "edit" button which will bring the whole entry up in edit mode. You can edit what you like there, then hit "save" in the upper right corner.
User avatar
AZgl1800
Level 20
Level 20
Posts: 11146
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: Favourite Password Manager

Post by AZgl1800 »

I downloaded the app from the Mint repository.

I gave it 10 shots, and 5 different efforts at creating new accounts.
I used the Web login to see if I can see and edit the passwords, nope, they won't let you.
I will never again, mess with it....
just simply is NOT worth the effort it takes.....

One other thing: get the password wrong, and ask it to send you an Email for a hint???
wasted effort, it never once sent the email, and I changed to Yahoo and Gmail 4 times, with new email addresses.

It claimed that my Master Password has been Accepted: it is one that I know by heart, a unique one that only I would know... but once I logged out, it refused to let me login to the web account repeatedly. I am done with itl.

and, I don't believe the ballyhoo that LastPass customer information has been divulged.
their servers might have been hacked, but the encrypted info did not get divulged....

I have never once, had any password hacked and I have been using LastPass for many years, before it was renamed as "LastPass"
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
Locked

Return to “Chat about Linux”