Password managers

I've moved from LastPass to Dashlane to Bitwarden and now to 1Password.

I love the UI and integration across browsers/devices, having different vaults shared between family members we can all contribute to including having policies/documents in there for easy access for all, and they've fairly recently partnered with Fastmail where it'll generate a masked email for you when signing up to websites (I already use domain/[email protected] anyway, but it's a nice way to move the identity away from @mydomain.com if needed).
 
uvarvu said:
blog.1password.com

We’ve joined the FIDO Alliance to build a better future for authentication | 1Password

1Password has joined the FIDO Alliance to help build safer, simpler, and faster login solutions for everyone.
blog.1password.com blog.1password.com

This is interesting. 1Password will be able to store private keys for passwordless access and it will have the edge over alternatives such as keychain as it offers full cross platform support, secure sharing etc.
Click to expand...
I expect everyone will be onboard pretty soon.
 
to be honest i am struggling to pull myself away from Lastpass as an individual user who does not need it on all devices it does what i need it to do.
 
  • Like
Reactions: R3X
As I finally managed to set up a reverse proxy, I decided to give Vaultwarden another go. I've been using it for a week or so now, and have no complaints. I still couldn't say it's any better than KeePassXC and, to a point I prefer the latter as it's completely offline (unless I choose otherwise) but I'll probably carry on using Vaultwarden for the time, barring any showstoppers.
 
Looking for a bit of help if you can.

Following on, belatedly, from this post I have signed up to the family plan on 1password for the next 12 months, although using the 14 day trial today and have to say I could not be any more unimpressed. Firstly there seems to be no way to export passwords from my iphone or ipad without using a Mac, which I don't have. The only PC I use is my work laptop. After some research it appears the only solution is a manual entry into 1passwords database. Got this more so for my Mrs as her security is worse than mine but there is absolutely no way she is going to manually bring one password over let alone what would probably be 100 of them. I'm not going to do it either.
This is the best help I can find and even that looks like a pure hassle. https://1password.community/discussion/128058/moving-passwords-from-ipad-iphone-to-1password

I have managed to export the 20 or so usernames and passwords I have on my laptop (I use Chrome, work computer so not by choice) and got it into 1passowrd easy enough. Also pinned it as a browser extension which is an achievement too.
Now, just logged into Strava with it. I know my strava password has been compromised as I get warnings from my iphone (and chrome) about it. 1password popped up, let me login using the stored (compromised) password and asked if I wanted to overite it :confused: I said yes anyway and it logged me in no problem without a warning or anything. I have put the 1password app onto my phone and logged in. The strava log in details are in the vault and it has helpfully given me a green dot and "Good" next to the compromised password!
Then I logged into strava on my phone. Logged out the tried to log in again. It used the stored info in keychain to log in then told me the password has been involved in a breach! :D

Am I expecting too much for software I am paying for to get this data out of my phone apps for me automatically? As well as know if a password has been compromised and make it a strong one? Like chrome already does for free? Then automatically update these passwords across all my linked devices, like IOS does?

I think it would probably be easier to log out of everything and change the passwords manually on my phone!
 
Last edited:
Vandle said:
Looking for a bit of help if you can.

Following on, belatedly, from this post I have signed up to the family plan on 1password for the next 12 months, although using the 14 day trial today and have to say I could not be any more unimpressed. Firstly there seems to be no way to export passwords from my iphone or ipad without using a Mac, which I don't have. The only PC I use is my work laptop. After some research it appears the only solution is a manual entry into 1passwords database. Got this more so for my Mrs as her security is worse than mine but there is absolutely no way she is going to manually bring one password over let alone what would probably be 100 of them. I'm not going to do it either.
This is the best help I can find and even that looks like a pure hassle. https://1password.community/discussion/128058/moving-passwords-from-ipad-iphone-to-1password

I have managed to export the 20 or so usernames and passwords I have on my laptop (I use Chrome, work computer so not by choice) and got it into 1passowrd easy enough. Also pinned it as a browser extension which is an achievement too.
Now, just logged into Strava with it. I know my strava password has been compromised as I get warnings from my iphone (and chrome) about it. 1password popped up, let me login using the stored (compromised) password and asked if I wanted to overite it :confused: I said yes anyway and it logged me in no problem without a warning or anything. I have put the 1password app onto my phone and logged in. The strava log in details are in the vault and it has helpfully given me a green dot and "Good" next to the compromised password!
Then I logged into strava on my phone. Logged out the tried to log in again. It used the stored info in keychain to log in then told me the password has been involved in a breach! :D

Am I expecting too much for software I am paying for to get this data out of my phone apps for me automatically? As well as know if a password has been compromised and make it a strong one? Like chrome already does for free? Then automatically update these passwords across all my linked devices, like IOS does?

I think it would probably be easier to log out of everything and change the passwords manually on my phone!
Click to expand...

How/where are your passwords stored on your phone. If there's not an export option then that's an issue with your phone/wherever you're storing them and not with the password manager. The passwords on your phone could be stored in any format, or even encrypted, so is unlikely something a password manager can work around.

Just for reference, chrome on my phone has the ability to export passwords which I could then import into a password manager.
 
Stored in IOS. Accessed via settings -> passwords. I use safari to browse. They can be exported via Safari yes but only if you use a Mac. Which I don't have access too.
Under password options however there is now the ability to autofill from 1password which I have ticked. I suppose next step is to do them one at a time like above then disable auto filling from icloud in the phone. What a pain. Probably easier to just get hacked then reset my life :D
 
Vandle said:
Stored in IOS. Accessed via settings -> passwords. I use safari to browse. They can be exported via Safari yes but only if you use a Mac. Which I don't have access too.
Under password options however there is now the ability to autofill from 1password which I have ticked. I suppose next step is to do them one at a time like above then disable auto filling from icloud in the phone. What a pain. Probably easier to just get hacked then reset my life :D
Click to expand...

Yeah that sounds a royal pain. Unfortunately the one to blame there is Apple for not having password export feature.
 
Vandle said:
Stored in IOS. Accessed via settings -> passwords. I use safari to browse. They can be exported via Safari yes but only if you use a Mac. Which I don't have access too.
Under password options however there is now the ability to autofill from 1password which I have ticked. I suppose next step is to do them one at a time like above then disable auto filling from icloud in the phone. What a pain. Probably easier to just get hacked then reset my life :D
Click to expand...

You can follow one of the guides that install macOS on a virtual machine on any computer, use Safari to export and import it to another password manager, then delete the VM.

These are usually not stable enough for daily usage, but should be good enough to export your passwords.
 
Last edited:
It is annoying that Apple don't have an export feature. They play it under the guise of the Keychain being end to end encrypted and only you holding the keys, but obviously that wouldn't stop them if they really cared and weren't just trying to wall you in (see: Bitwarden). Does a family member have a Mac of some description? You can just create a new local user account (takes seconds), sign into your AppleID on it and export your passwords, sign out and delete the local account. It'd only take 10-20 mins tops and it'd solve your problem permanently. For a daily driver, I love my MBP but I always stick to FOSS tools (browsers, self-hosted Vaultwarden, rclone encrypted vault on PCloud offsite storage in lieu of iCloud, GPG etc) for exactly this reason.
 
Last edited:
Rainmaker said:
It is annoying that Apple don't have an export feature. They play it under the guise of the Keychain being end to end encrypted and only you holding the keys, but obviously that wouldn't stop them if they really cared and weren't just trying to wall you in (see: Bitwarden). Does a family member have a Mac of some description? You can just create a new local user account (takes seconds), sign into your AppleID on it and export your passwords, sign out and delete the local account. It'd only take 10-20 mins tops and it'd solve your problem permanently. For a daily driver, I love my MBP but I always stick to FOSS tools (browsers, self-hosted Vaultwarden, rclone encrypted vault on PCloud offsite storage in lieu of iCloud, GPG etc) for exactly this reason.
Click to expand...
This is probably the only solution I think, my mate has one. I brought my laptop home from work this weekend and thought Id sit down with it for an hour or two and go through them all, regardless of how tedious it may be. Its too tedious for words, don't even know where to start. I'm having an absolute western here. :D

It gets worse... I have brought in all my passwords from chrome - 119 of them. I don't know how many I have in keychain however my phone is flagging that of them, 64 are at risk accounts. Some of them though will be in chrome too but 1 password has not flagged any of them as being problematic. I think it should do this. The iphone gives me an option to change on website, then the option to use its suggested strong password. However if I do this, I have made the job of bringing them over even harder!!

Here's an example:
iPhone says eBay password has been spotted in a data leak and do I want to change it? Yes I do, it opens the eBay app and I sign in. No way I can find to change the password within the app. Open ebay on Chrome on the laptop, sign in with 1passwords saved credentials. Cool. Go to account, change password and 1password suggests a strong one, accept and save into my vault. Now eBay want me to retype that password. Can't do that as its all starred out. Can't C&P either. 1password thinks I want a new strong password. eBay says passwords don't match, well of course they don't. 1password saves in the vault as a new entry. Try again, same happens again. Now I have 4 separate vault entries for eBay and none of them are even my password! :rolleyes:

Think I might just cancel it now and uninstall it all before they charge me next week and before I do anymore damage to my mental health or lock myself out of all of my accounts permanently :cry:
 
PMSL I can highly recommend Bitwarden, if that helps any. Definitely change those compromised passwords though - even manually through account settings if you have to. It's a pain, but once they're set and in a decent password manager you're golden. If it helps you feel less alone, I once manually logged into and saved passwords into Vaultwarden (self-hosted Bitwarden) for over 300 passwords, changing most of them on the way! As you say, tedious beyond words... But now it's done everything's auto-magic and my passwords are all unique and very strong. If I have to change any in future, the manager automatically updates them in the vault.
 
You must log in or register to reply here.
Back
Top Bottom