Best Password Manager?

AViking

Platinum Member
Sep 12, 2013
2,264
1
0
Title says it all. Was using roboform but figure there's probably something better out there today.
 

Zxian

Senior member
May 26, 2011
579
0
0
Lastpass. Simple, integrates with everything. Has a standalone client that you can use on a USB key. Mobile versions work reasonably well too.
 

smakme7757

Golden Member
Nov 20, 2010
1,487
1
81
I'd also say Lastpass. It's almost platform independant seeing as it's a browser addon. It's also extremely cheap if you need it on your mobile phone. Only $12 a year.
 

AViking

Platinum Member
Sep 12, 2013
2,264
1
0
Thanks. I'll give it a shot. Looks free for PC and I don't need it for mobile so that's perfect.
 

FoxFifth

Member
Feb 16, 2010
139
0
0
LastPass (in Tools > Security Check) now has an option to go through all of your passwords and give the following information about the Heartbleed problem:

Below is a list of impacted sites you have in your vault. We also show when you last updated the password for those sites, when the site last updated their certificates, and what action we recommend taking at this time.
 

jhansman

Platinum Member
Feb 5, 2004
2,768
29
91
Lastpass, by far. I know a govt. employee whose security trainers recommend it. I know, I know, you're thinking "Sure they do." Either way, it generates lovely 12-digit (or longer) encrypted passwords that even the NSA would have a touch time breaking. It's free (for the desktop; the mobile version costs), and easy to use. Great program.
 

Miramonti

Lifer
Aug 26, 2000
28,651
100
91
Wow, the tide has changed for Roboform, who's dominated public opinion the last decade or so. Roboform isn't quite as flexible as lastpass for different browsers (ie weaker in mobile integration), but it's still a great program that does a fantastic job in most browsers.

I think Roboform did themselves a disservice by being a bit arrogant about who they were going to support and who they weren't. Then lastpass grew and sought to cover integration in basically everything, and Roboform finally started to sh!t bricks and try to adapt, albeit not before it could stop the momentum, and ultimately seems to have lost it's perch on top of the password management niche.
 
Last edited:

Towermax

Senior member
Mar 19, 2006
448
0
71
I used RoboForm for years and had a lifetime subscription. Then they introduced a new version and told us we had to make an annual payment to keep using it. I figured out a way to keep it working in Firefox using one of their older add-ons and kept using it for a while.

Then I discovered LastPass, and like it better than RoboForm.
 

Specop 007

Diamond Member
Jan 31, 2005
9,454
0
0
Keepass.
Why?
2 words. Open Source.

Theres just too many shenanigans with security these days to go any other direction.
 

lxskllr

No Lifer
Nov 30, 2004
58,199
8,458
126
Keepass.
Why?
2 words. Open Source.

Theres just too many shenanigans with security these days to go any other direction.

Exactly. With proprietary security software, someone else might hold the spare keys. There's too many reasons to abuse the the end user to assume they aren't. They're either monetizing the user, or getting leaned on by the government. An otherwise honorable company that makes proprietary software is still a problem. There's too few people looking at the code, and bugs can go unnoticed, or undisclosed when found.

Proprietary software is inherently untrustworthy. You're relying on policy for security, and policy is never about security. It's like taking the doors off your house, and hanging signs saying "No Unlawful Entry". That's awesome that it's disallowed, but it's not gonna get your stereo back.
 

imported_Irse

Senior member
Feb 6, 2008
269
6
81
I used to use Keepass but then I had two times when my database was corrupt and lost all of my passwords since I could not use the databse. Luckily I made an Excel file with all of the keywords as a backup. Never again.
 

bandi

Junior Member
Apr 16, 2014
20
0
0
Keeper has a clean interface for navigating through your many log-ins .It

uses 256-bit AES encryption and adds two-factor authentication.Works fine for me !
 

Mushkins

Golden Member
Feb 11, 2013
1,631
0
0
Keepass.
Why?
2 words. Open Source.

Theres just too many shenanigans with security these days to go any other direction.

Are *you* vetting the code personally, then compiling the binary personally? If not, you're getting no more assurance that the software is kosher than a closed source application.

It's been illustrated time and time again that Open Source is not a magic guarantee that an application is more safe or secure than a closed source solution. Even big things like linux releases, you're still relying on the volunteered expertise of other people who truly understand the complex code in front of them to sift through it with a fine toothed comb every time there's a change. Being able to see the code myself doesn't help me one bit if I don't understand a word of it.

I'm sure we all remember Heartbleed, that massive bug in OpenSSL that caused all sorts of privacy breaches?:
http://money.cnn.com/2014/04/18/technology/security/heartbleed-volunteers/index.html

"The bug wasn't caught until recently, because the OpenSSL Software Foundation doesn't have the resources to properly check every change to the software, which is now nearly half a million lines of code long. And yet that program guards a vast portion of our commerce and government..."
 
Last edited:

gitano

Member
Aug 4, 2008
93
0
61
+1 for KeePass

not only cause its open source, but also cause my passwords are not in the cloud of a third party.

I still store the encripted database file in the cloud, (its very convenient to sync on mobile etc) but i choose to who i trust for that, in my case SpiderOak cloud service.
 

lxskllr

No Lifer
Nov 30, 2004
58,199
8,458
126
Are *you* vetting the code personally, then compiling the binary personally? If not, you're getting no more assurance that the software is kosher than a closed source application.

It's been illustrated time and time again that Open Source is not a magic guarantee that an application is more safe or secure than a closed source solution. Even big things like linux releases, you're still relying on the volunteered expertise of other people who truly understand the complex code in front of them to sift through it with a fine toothed comb every time there's a change. Being able to see the code myself doesn't help me one bit if I don't understand a word of it.

I'm sure we all remember Heartbleed, that massive bug in OpenSSL that caused all sorts of privacy breaches?:
http://money.cnn.com/2014/04/18/technology/security/heartbleed-volunteers/index.html

"The bug wasn't caught until recently, because the OpenSSL Software Foundation doesn't have the resources to properly check every change to the software, which is now nearly half a million lines of code long. And yet that program guards a vast portion of our commerce and government..."

There's no guarantees in life ever, but I'll always take code that can be reviewed over some company's totally honest pinky swear that everything's ok with their software.