Password managers

I find myself looking at this thread thinking it's now time i need a password manager, One thing free versions vs paid is there any less protection in the free versions?
 
Cromulent said:
No. But if you go with Bitwarden you can get all the premium features for £10 a year which in my mind is basically free anyway.
Click to expand...

All I would say is don’t just pick one because it’s cheaper or free over one that’s never had a breach. Google is your friend. But password management is a prime target for hackers.
 
Wing-Man said:
All I would say is don’t just pick one because it’s cheaper or free over one that’s never had a breach. Google is your friend. But password management is a prime target for hackers.
Click to expand...
Bitwarden has had multiple external audits and is open source and is pretty well regarded.

If you are really security focused you can even run it on your own servers and not share any data with anyone else.
 
I wasn’t saying anything bad about Bitwarden I would just saying in general. There is a few password managers that have had data loss and it’s not very well reported.

Any manager your looking to use spend a few days hitting google about it before investing the time to use it
 
Last edited:
Well I don’t know this for sure. Like the actual one is better. But if it’s random there is more possible combinations with the full alphabet to use over just 10 numbers.

But what’s I mean is…

Hdvrhoghavqhidbtbfufns..
not worlds like SamsungDogHouse
 
Last edited:
wigster said:
Interesting as I was always told that numbers instead of words are a lot better, that was 20 odd years ago though. The same person use to say using postcodes are a good idea as you can easily remember them.
Click to expand...

Its all about password entropy.

I highly suggest Protonpass personally. While its still a little rough around the edges, some of the privacy features it offers are simply amazing.
 
Wing-Man said:
Well I don’t know this for sure. Like the actual one is better. But if it’s random there is more possible combinations with the full alphabet to use over just 10 numbers.

But what’s I mean is…

Hdvrhoghavqhidbtbfufns..
not worlds like SamsungDogHouse
Click to expand...

If you're using a password manager, why would you limit yourself? The whole point is that the manager remembers it so you don't have to. So on that basis, why wouldn't you have 20+ characters of a bit of everything?
 
Yes but some managers ask is you want to use words number or letters… I assumed that was his question.

Mine was use upper and lower case, numbers and symbols. It also uses European special that’s don’t come and a standard qwerty keyboard.
 
Last edited:
Bitwarden free here, both the wife and myself use the same account - works well, I do have to keep reminding her to put the new password into Bitwarden when she changes/resets it however.
 
wigster said:
Think I'm going to start with Bitwarden. On the subject of passwords is number passwords better than a word password?
Click to expand...
As another poster said, it's all about entropy. Passphrases are generally better at this than passwords. You want your master password (the one that unlocks the vault) to be as secure as possible, and to have MFA (multi-factor authentication) such as a security key, a passkey or OTP code.

password_strength.png


Ideally, a fairly random and longish sentence you will always remember is best. One with spaces, punctuation, and numbers. Something like When I was @school Mary was in year 3 and JohnB was in year 6, but this was in 1987! is a bit of an extreme example, but you get the gist. Make it personal so you'll always remember it, but nobody else will have the first clue on where to start guessing. The entropy on something like that is simply massive, but any similar sentence you're used to will take barely a second or two to type and aeons to brute force. My passphrase is in the order of 50 characters using the full ASCII range, but takes barely two seconds to type out even on a phone (I'm used to it).
 
Rainmaker said:
As another poster said, it's all about entropy. Passphrases are generally better at this than passwords. You want your master password (the one that unlocks the vault) to be as secure as possible, and to have MFA (multi-factor authentication) such as a security key, a passkey or OTP code.

password_strength.png


Ideally, a fairly random and longish sentence you will always remember is best. One with spaces, punctuation, and numbers. Something like When I was @school Mary was in year 3 and JohnB was in year 6, but this was in 1987! is a bit of an extreme example, but you get the gist. Make it personal so you'll always remember it, but nobody else will have the first clue on where to start guessing. The entropy on something like that is simply massive, but any similar sentence you're used to will take barely a second or two to type and aeons to brute force. My passphrase is in the order of 50 characters using the full ASCII range, but takes barely two seconds to type out even on a phone (I'm used to it).
Click to expand...
Thanks for that I must say in the past my passwords have been a bit on the easy side but then I wasn't really bothered as it wasn't that it was sensitive material.

Just having a read up about passphrases never even knew that was a thing lol
 
Last edited:
Rainmaker said:
As another poster said, it's all about entropy. Passphrases are generally better at this than passwords. You want your master password (the one that unlocks the vault) to be as secure as possible, and to have MFA (multi-factor authentication) such as a security key, a passkey or OTP code.
Click to expand...
What would you say is the best Account Two-step Method to use in Bitwarden? The Google Authenticator App or the email verification code.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom