Password Manager Recommendations

im a lastpass guy, so what solution is better?
If any website you use supports strong authentication with multi-factor (token code, Duo Security, Clef etc) use that instead of just a plain password. Most sites will let you stay authenticated for a long time if you use these mechanisms, or at least will only require a push auth or something. EBay, Paypal, and most of the usual suspects support this. Amazon do not, to their shame, although it's available in the US so presumably will be coming to the UK eventually.

If any website you use supports federated sign-on from someone like Google, Facebook, Github, Microsoft Live etc. use that instead of a separate password. Make sure you turn on multi-factor for these, they all support it. For other purposes you can buy a Yubikey, which is a 'something you have' token that cost about £20-50 depending which version you go for. A lot of websites and security solutions support this.

For any remaining passwords, there are a few different password managers out there:
Keepass: an oldy but goody. You create a local keyfile which can be secured with passphrase, certificate file, or strong auth. this file can be stored on a cloud drive (GDrive, OneDrive, Dropbox S3 etc) if you need multi-device access There are third party browser extensions for this, but they are of dubious quality and could potentially have similar issues to LastPass.
Enpass: Similar to Keepass, you create a local keyfile (optionally they have a nice cloud integration for OneDrive and the rest) which can likewise be protected with passphrase, key, or strong auth. Also has a first-party browser extension, although this has a more secure operating mode - you have to manually click on the extension and re-auth before it will enter passwords into websites for you.
1Password: Basically the same as LastPass, although they seem to have a better reputation. No idea if this is warranted or not. Does not support U2F, which is worrying.
Dashlane: Same model as LastPass and 1Password. U2F token is only available if you spend money on the premium version, which is a bit disappointing.

Then there are a bunch of solutions targeted at enterprises like Okta and Onelogin, I'm not sure how cheap they are for home use. Both of these authenticate you on their platform so your passwords are not exposed in your browser, but you are relying on their platforms being secure.

If you have the skills (and money) you could create your own reverse proxy authentication server, protect it with something like ADFS, tie it in to Duo Security, and have awesome push auth, U2F auth and call back support for every website you ever authenticate to.
 
Just to chip in on above. Amazon UK now have multi factor via SMS or other authenticator.
Do you have a link for that? All I can find is references to AWS stuff, not the main site.

e: nvm I found it on my account page. They even support Duo which is pretty handy.
 
Last edited:
Enabled the authenticator on Amazon now, about time :)

Been testing out Enpass and now use this, it seems very good so far and i prefer the interface.
 
Has everyone gone off Lastpass now.. It used to be highly rated.. I use it for everything...Apart from banking. But its got slow with chrome lately.
 
I'm still using it and happily so. Sits on my home PC, tablet and phone.
People attempted to scare me off using it earlier in the thread, but I'm happy with it. Certainly not been experiencing it being slow.
 
i have the file stored on my google drive and everything connects to it from there, i have no other backup currently - yes this is stupid lol
 
Has everyone gone off Lastpass now.. It used to be highly rated.. I use it for everything...Apart from banking. But its got slow with chrome lately.

Still use everyday on PC and mobile. It's great value and one I'd still recommend. I also don't store banking though, I have all that written on a piece of paper in a secure box.
 
i still cant believe people put all their passwords in yet other software made by another company. Huge security flaw in my eyes
 
Back
Top Bottom