Password manager

CelestialBadger

Passwords are annoying me.

What's the best password manager that stores passwords in the cloud, is compatible with Android, iOS, PC, Mac and Linux (God, I have too many computers), and does not need to be compiled by me. Free or paid.

I'd like it to be able to export all the passwords in plain text in case it stops being supported and I need to get my passwords out. Is that possible?

Security is important, but not if it gets in the way of usability. I'm not gonna put my bank account passwords in there, or anything else that truly needs to be secure.

seasleepy

I use a similarly wide variety of platforms and ultimately settled on Lastpass as the easiest option. I also looked pretty hard into using Keypass or PWSafe which aren't in the cloud by default but you can easily put your files into Dropbox, and there are separate apps for mobile (they're both open source projects). A lot of people also really seem to like 1Password but there isn't a Linux option for it which was a dealbreaker for me (but maybe not for you?). I will note that for Lastpass, you don't get mobile as a free user, but you can still use the website on those devices and I haven't found that too restrictive as I apparently don't end up entering passwords on those particularly often.

CelestialBadger

Linux I can live without, I don't use that platform too often. Thanks! I'll check out Lastpass.

L Ron Howard

I loves KeePass.
I do as seasleepy said: I have my key file on Dropbox so that it stays up-to-date.
I use the client on my computers and my phones. I also have it set up so that it looks for my PGP key to know that it's a device of mine. Coupled with a password, I think it's fairly safe.

You can either obfuscate the password with the dots, or you can make them visible as cleartext, your choice. On the phone and computer, KeePass gives the option to copy either the username or password to the clipboard, so you don't have to type it in each time. It obviously won't work if you try to set up something like an Xbox with Netflix and the password is accessed on your phone, for instance.

It's also free, and it hasn't cost me a dime ever.

Inquisitor77

Not that you need it, but I'm seconding LastPass. Been using it for over two years, and am very happy with it.

puffycow

I am thirding LastPass. I like the browser and Android phone integration. Everything is pretty seamless.

CelestialBadger

I installed LastPass, it seems to be the consensus! Thanks

tarnok

Maybe I'm more paranoid that I realized but it blows my mind that anyone even considers using password managers. Even more so ones that store your passwords in the "cloud." Someone once suggested, and I quite like the idea, that every time someone says "in the cloud" you think "on someone else's computer." Why would you store your passwords on someone else's computer?

But maybe I'm more paranoid than I thought.

CelestialBadger

I'm not going to put important passwords in there. They stay in my head. I want to store all the piddling crappy passwords like, um, my Penny Arcade account password in there. If someone hacks my Password Manager, I guess they can post as me on this site. Big deal. I'm just having difficulty keeping track of all the tiny passwords for random sites.

I wouldn't put credit card, bank, or professional info in there.

Usagi

tarnok wrote: »

Maybe I'm more paranoid that I realized but it blows my mind that anyone even considers using password managers. Even more so ones that store your passwords in the "cloud." Someone once suggested, and I quite like the idea, that every time someone says "in the cloud" you think "on someone else's computer." Why would you store your passwords on someone else's computer?

But maybe I'm more paranoid than I thought.

Eh, I considered that, but then educated myself on what the risks are and chose a password manager I felt comfortable with based on that

1Password is pretty open about the mechanisms of cloud storage and decryption and the safety of syncing

fightinfilipino

i've been using 1Password myself and a "cloud" service to sync the keychain file. the service itself has 2 factor authentication on it, along with a randomized password. and the keychain file, even if somehow obtained, is strongly encrypted. the risks are fairly low.

i do wish AgileBits introduced more syncing options, though...

finnith

I would suggest using Lastpass and integrating the Google Authenticator with it. That way you've got your phone for the 2-factor authentication.

puffycow

tarnok wrote: »

Maybe I'm more paranoid that I realized but it blows my mind that anyone even considers using password managers. Even more so ones that store your passwords in the "cloud." Someone once suggested, and I quite like the idea, that every time someone says "in the cloud" you think "on someone else's computer." Why would you store your passwords on someone else's computer?

But maybe I'm more paranoid than I thought.

Yeah, you definitely need to do some education. http://lifehacker.com/is-lastpass-secure-what-happens-if-it-gets-hacked-1555511389

Dhalphir

Personally I prefer a notepad in my desk drawer with all my obscure passwords. More secure than any software solution against anybody trying to hack into my PC, and there isn't much overlap between people in my house and people who want my passwords.

tarnok

puffycow wrote: »

tarnok wrote: »

Maybe I'm more paranoid that I realized but it blows my mind that anyone even considers using password managers. Even more so ones that store your passwords in the "cloud." Someone once suggested, and I quite like the idea, that every time someone says "in the cloud" you think "on someone else's computer." Why would you store your passwords on someone else's computer?

But maybe I'm more paranoid than I thought.

Yeah, you definitely need to do some education. http://lifehacker.com/is-lastpass-secure-what-happens-if-it-gets-hacked-1555511389

I really don't find anything in that article comforting. It amounts to 1) we're _really_ careful, 2) use an authenticator and 3) we'll let you know right away if there's a breech. My immediate thoughts are 1) even very careful people make mistakes, 2) that's a good idea and 3) that only works if you know there's been a breech.