Password managers

I just use a keepass database across all my devices, windows, Mac OS, iOS etc, works great, lots of software on each of them.

I just store the database file in my cloud drive so it always auto syncs across all my devices.

I really don't get why people pay for password managers beyond this because it literally does everything I want it to and auto syncs across everything, and its free.

With a password manager you can log into your vault via a webpage with the same ease as using webmail and access anything you might need.

No need to install any crud on somebody else's equipment.
 
You can do that with KeePass too via their browser extension. No different to any other password manager, except it doesn't cost anything.

With a password manager like lastpass (which is also free) you have full access to your vault without installing crud like a browser extension on other peoples equipment, so as long as you have browser access anywhere in the world (even on a internet cafe that's locked down against extensions) you still have full access to your vault.
 
I just use a keepass database across all my devices, windows, Mac OS, iOS etc, works great, lots of software on each of them.

I just store the database file in my cloud drive so it always auto syncs across all my devices.

I really don't get why people pay for password managers beyond this because it literally does everything I want it to and auto syncs across everything, and its free.

Like all things in life, people pay for added convenience. Paying a small amount to someone to handle all of these is something people generally are happy to do.

You can do that with KeePass too via their browser extension. No different to any other password manager, except it doesn't cost anything.

Installing a browser extension doesn't seem to be the solution to access on third-party computers.

The better solution is to use open source KeePass web apps, like KeeWeb. That allows you to take your password database and open it up in a completely local Javascript-based KeePass client that runs inside the browser. You can host your self-own, or run it from disk.
 
With a password manager like lastpass (which is also free) you have full access to your vault without installing crud like a browser extension on other peoples equipment, so as long as you have browser access anywhere in the world (even on a internet cafe that's locked down against extensions) you still have full access to your vault.

The beauty of KeePass (XC for me) is that it's completely open source, so people can look at the code and compile it themselves if they so desire. I know there's also one of the big-name brands that allows their code to be audited, but I personally prefer to be in complete control of my password data and have no interest in letting someone else manage my passwords for me.

The better solution is to use open source KeePass web apps, like KeeWeb. That allows you to take your password database and open it up in a completely local Javascript-based KeePass client that runs inside the browser. You can host your self-own, or run it from disk.

I hadn't heard of KeeWeb, but I'll have to look it up.
 
With a password manager you can log into your vault via a webpage with the same ease as using webmail and access anything you might need.

No need to install any crud on somebody else's equipment.

It seems capitalism affects password managers, you pay 'it must be better' - what is this 'crud' you speak of? Software? Keepass is a very good bit of software.
 
what is this 'crud' you speak of?.

Installing anything on 3rd party hardware that was unwanted by the owner would be considered crud and bloat.

For example If somebody lent their mobile phone, tablet or laptop to someone that was having a issue (often happens at airports and train stations) then i think most people would find it strange and somewhat suspicious if that person then started installing software or plugging in a USB stick.

In the same way Webmail will always be more convenient than running your own email server and carrying around the data base on a usb stick or syncing it to cloud, A online password manager will always be more convenient than a stand alone password client/server to a vast majority of people.
 
Last edited:
I'm still unsure what the '3rd party hardware' is referencing for KeePass (Dropbox, Onedrive etc?) though I do agree that most people look for convenient options, which LastPass et all do provide. For those with even a modicum of technical know-how, KeePass is a perfectly good solution and keeps your data completely private.

I can't comment on other peoples usage but I don't let anyone else use my devices and I store my password file on my own hardware, which I then connect to via VPN if I'm away from home so it's available to me anywhere. I also have more trust in software like KeePass because it's open source and is therefore freely available to be scrutinised. Is it perfect? Probably not, but I'd also suggest there's no such thing as perfect when it comes to software. What's right for one person isn't necessarily right for another. Isn't it good then that we have all these choices :)
 
I'm still unsure what the '3rd party hardware' is

*perplexed* :D

Works computers , laptops , tablets, friends mobile phone , computer ,tablets , strangers mobile phone , computer ,tablets, internet cafes, kiosks at air ports, ie: anything that doesn't belong to you that you might use or access.

I also have more trust in software like KeePass because it's open source and is therefore freely available to be scrutinised.

Sorry but that one of those internet myths that just doesn't hold true, google openssl flaw and the mistakes the developers made and the millions of pounds it cost to hire private developers to fix it, for example the heatbleed fiasco was code added by a developer and nobody bothered to scrutinise it.
 
Last edited:
I don't know if it still stands as i've not read about it for years but a lot of the linux community used to hate keepass because of mono, google why do linux users hate mono.
 
Sorry but that one of those internet myths that just doesn't hold true, google openssl flaw and the mistakes the developers made and the millions of pounds it cost to hire private developers to fix it, for example the heatbleed fiasco was code added by a developer and nobody bothered to scrutinise it.

The point is, the entire code is there for all to see, unlike most commercial software. We all know developers aren't perfect and neither is software, but having used KeePassXC for a number of years now, I've more faith in it than any of the others being mentioned in this thread, and at least I don't have to rely on their website security, or lack thereof, to protect my data, which is something a lot of commercial companies fail to do on a regular basis.

I don't know if it still stands as i've not read about it for years but a lot of the linux community used to hate keepass because of mono, google why do linux users hate mono.

While I've no issue with mono, KeePassXC doesn't use mono, it's developed in C++.
 
I did install Vaultwarden in a docker container some time ago to have a look, but went back to KeePassXC as it was just easier with my home network configuration.

i too installed vaultwarden into a docker container on my nas followed a guide but it always failed when i tried to login into it at the end stage, something about not using https. so at the moment still using last pass fiddling with robo form and keepassxc have yet to make my mind up :(
 
i too installed vaultwarden into a docker container on my nas followed a guide but it always failed when i tried to login into it at the end stage, something about not using https. so at the moment still using last pass fiddling with robo form and keepassxc have yet to make my mind up :(

You just need a SSL cert but bare in mind you need to look after your backups yourself if you use vaultwarden.

Bitwarden is the alternitive with managed backups and to get the pro versions it's like £10 per month.
 
Last edited:
Back
Top Bottom