I started digging into opensource password managers and found that they all suck major ball sack. I ended up picking nothing. My two runner-ups were bitwarden. It works on Linux, Android, whatever apple’s shit runs on, and even runs on PC’s with the OS that you usually delete first thing. But the major drawback is that I can’t trust it. It’s got a “premium” version, and that has always meant a slow steady spiral into “you must pay now that we have you by the balls” situation. Another drawback is that it’s centralized, kill the company and so go your passwords I suppose.

The other runner up is called liso. This one comes with two major drawbacks. One is that is browser only so far. The other one is that it doesn’t work on Linux yet. Such a shit shit option. Everything else out there wants you to pay for encryption.

I did end up learning about pass on Linux. It creates encrypted passwords and there’s some compatibility with guis and maybe available on Android??? Big question mark. I’ve tried nothing yet. My password list seems to grow daily.

So what’s your favorite one?

  • stamp_irl
    link
    fedilink
    arrow-up
    17
    ·
    2 years ago

    As many said combination of KeePassXC on computer and KeePassXD on android. I sync file with syncthing. For security I have setup three word passphrase, made of words representing unique stuff that was on my desk at the time of creating file, words are connected with symbols not spaces. Even if someone gets my password database file, it will be useless for them.

    KeePass has many adventages:

    • local file, no need for internet to check passwords
    • tested and trusted file format
    • compared to pass (other local solution) encrypts metadata
    • can store more then password: ssh keys, otp
    • tons of applications supporting file format - death of one doesn’t mean anything
    • ree
      link
      fedilink
      arrow-up
      7
      ·
      2 years ago

      If you’re using a centralised sync system keepass allow keyfiles.

      I use passphrase + keyfile. And I don’t sync the keyfile only copy it manually.

      • stamp_irl
        link
        fedilink
        arrow-up
        3
        ·
        2 years ago

        Or you can use something like Yubikey as a second layer. Don’t know if that works on mobile.

        • Sr Estegosaurio
          link
          fedilink
          arrow-up
          1
          ·
          2 years ago

          I’m going to get a YubiKey soon and afaIk that feature does not work on phones. But I’ll check if there’s an issue about it.

    • imgprojtsOP
      link
      fedilink
      arrow-up
      3
      ·
      2 years ago

      Yes. I was actually reading about this one last night after I posted. I decided to give it a try. In a few minutes I got my Google passwords out and translated. Now I need to add my other ton of passwords.

      • stamp_irl
        link
        fedilink
        arrow-up
        4
        ·
        2 years ago

        There are importers for most of the password storage options. I would recommend separate database for import and then merging import db with your actual database, backing up everything before.