Keychain password manager vs 3rd party

[beachBOYken]

Those that do use keychain, how do I save passwords that use 2fa, do I need to setup 2fa again.

Im doing it manually by using 1p in conjunction with keychain as I visit sites and save them as I get the keychain save password prompt.

But im thinking that wouldn't work with 2fa secured accounts, is it a case of setting 2fa up again?

 

[MrRockliffe]

The other problem with Keychain is that it produces passwords in a set format.

1. This isn't as good for security, since you always know at least 3 characters, and they're always in the same place.
2. Some websites don't accept the "-" character
3. This (-) is the only special character in the password.


Apple have recently added a feature where you can use a different format, but it's just something to be aware of.



I use Bitwarden, as it means I'm not tied into an Ecosystem.

 

[Deleted member 77746]

I use Bitwarden, as it means I'm not tied into an Ecosystem.

It’s why I chose to demo Bitwarden then move to it completely. I’ve now got 160 passwords all with 24 chars now randomised as complex as possible. Not got any site using the same password either. Works fantastic.

 

[beachBOYken]

Ok so update, I find apple keychain ok, but the annoying thing is that some websites don't request to save login, which I was currently trying to do manually while I have 1password.

So Im thinking about trying Bitwarden (premium)

Can someone explain open source? is that more secure than 1password?

edit/

Ok so I signed up.

I have set up 2fa as well, is there any other security I need to be aware of for the bitwarden account?

Also do I need to enter the 2fa code every time I open the main app or browser extension?

Ive not installed them yet, Im just using the web page currently to input my logins manually as don't have that many.

And finally as I’m on free account currently if I add 2fa enabled logins they don’t work, in 1password do I copy the 2fa address field and paste it to the same field in Bitwarden?

When I then upgrade should that activate the one time codes.

 

[Deleted member 77746]

Ok so update, I find apple keychain ok, but the annoying thing is that some websites don't request to save login, which I was currently trying to do manually while I have 1password.

<SNIP>

Just try it yourself and see how it goes. Try different things.

 

[beachBOYken]

Security wise is it better storing my 2fa codes in a standalone authenticator like Microsoft authenticator, Authy... or is it better to store them within the password manager as well?

I was going to upgrade BW to the premium sub so to use 2fa within the app, but I was thinking perhaps its better to stay with the free version and store my 2fa codes elsewhere, Im guessing its more secure like this but a little less user friendly as need 2nd device at hand at times I need 2fa code.

 

[Deleted member 77746]

Security wise is it better storing my 2fa codes in a standalone authenticator like Microsoft authenticator, Authy... or is it better to store them within the password manager as well?

I was going to upgrade BW to the premium sub so to use 2fa within the app, but I was thinking perhaps its better to stay with the free version and store my 2fa codes elsewhere, Im guessing its more secure like this but a little less user friendly as need 2nd device at hand at times I need 2fa code.

I choose to keep them separate, I use Authy because if I loose my device I can log in via a pc/laptop in the app just in case.

From a security point of view I would say it’s more secure in a separate app.

 

[beachBOYken]

I choose to keep them separate, I use Authy because if I loose my device I can log in via a pc/laptop in the app just in case.

From a security point of view I would say it’s more secure in a separate app.

luckily most of my accounts don't require 2fa all that often and only request it every month of being logged in and then there is the " trust device" option

Im just trying to work out the easiest way to transfer the 2fa code from 1p or the website itself to my authenticator app.

I can't see an option so im having to disable and re set up again, luckily not got that many to do though.

 

[Deleted member 77746]

luckily most of my accounts don't require 2fa all that often and only request it every month of being logged in and then there is the " trust device" option

Im just trying to work out the easiest way to transfer the 2fa code from 1p or the website itself to my authenticator app.

I can't see an option so im having to disable and re set up again, luckily not got that many to do though.

Yeh you will have to disable and re-enable to change app.

 

[beachBOYken]

Yeh you will have to disable and re-enable to change app.

Thats what I thought. Thanks

 

[Deleted member 77746]

Thats what I thought. Thanks

Worth it though doesn’t take that long once you get on a roll, don’t forget to remove it from the old 2FA app though. What I did was make a list and just literally tick them off one by one moving over. I did the same when moving over my phone number to a new one with 2FA.

 

[beachBOYken]

Worth it though doesn’t take that long once you get on a roll, don’t forget to remove it from the old 2FA app though. What I did was make a list and just literally tick them off one by one moving over. I did the same when moving over my phone number to a new one with 2FA.

Liking it so far!

The browser extension has a few lock options, such as on browser restart, never, 1hr and so on, do you know if the 1hr for example is when the browser is sitting idle or does it lock no matter what i'm doing on the browser?

Its set to default "on restart" I rarely close my browser so it will stay unlocked.

 

[Deleted member 77746]

Liking it so far!

The browser extension has a few lock options, such as on browser restart, never, 1hr and so on, do you know if the 1hr for example is when the browser is sitting idle or does it lock no matter what i'm doing on the browser?

Its set to default "on restart" I rarely close my browser so it will stay unlocked.

I currently have a PIN set but on restart master password with 2FA.

 

[beachBOYken]

I currently have a PIN set but on restart master password with 2FA.

How do you include the 2fa, can’t see an option for that, unless that’s a premium feature.

Have it set up on my bw account.

I’m keeping my desktop app set to require master password, and extension set with pin.

 

[Kanpai]

Been using Bitwarden for over a year now and much prefer it as it offers same level of features as keychain but with the optional bonus of running outside of Apple Ecosystem too.

 

[Deleted member 77746]

How do you include the 2fa, can’t see an option for that, unless that’s a premium feature.

Settings > Two Step Login (it might be a premium feature) not 100% sure.

Confirmed it's a premium feature. You get premium with self hosted though free.

 

[beachBOYken]

Settings > Two Step Login (it might be a premium feature) not 100% sure.

Confirmed it's a premium feature. You get premium with self hosted though free.

Ah ok, yeah I have the account 2fa available and enabled just not the extra step available for the apps then, Im not sure if the premium is worth it to me, I have a separate app for 2fa codes, and not sure I would bother with the additional 2 step security on the apps, I don’t really store anything important, all my accounts that are critical to me are in my head or jotted down somewhere safe.

But for £10 its cheap just for the other stuff I guess and future premium features. May think about it later down the line once I’ve got used to using Bitwarden.

 

[Deleted member 77746]

But for £10 its cheap just for the other stuff I guess and future premium features. May think about it later down the line once I’ve got used to using Bitwarden.

£10 for the year is literally a pint and a half in London. But if you don't need the premium features why bother.

 

[beachBOYken]

£10 for the year is literally a pint and a half in London. But if you don't need the premium features why bother.

Well some may come in handy future premium features, emergency access?, priority support, password hygiene/reports.

 

[beachBOYken]

iOS app exstension, trying to fathom the difference between that and autofill.

The extension on iOS always requests password and doesn’t seem to be a fully fledged extension like 1Password is on iOS.