
Best Password Manager?

AViking

Platinum Member
Title says it all. Was using roboform but figure there's probably something better out there today.
 
Lastpass. Simple, integrates with everything. Has a standalone client that you can use on a USB key. Mobile versions work reasonably well too.
 
I'd also say Lastpass. It's almost platform independent seeing as it's a browser addon. It's also extremely cheap if you need it on your mobile phone. Only $12 a year.
 
Thanks. I'll give it a shot. Looks free for PC and I don't need it for mobile so that's perfect.
 
LastPass (in Tools > Security Check) now has an option to go through all of your passwords and give the following information about the Heartbleed problem:

Below is a list of impacted sites you have in your vault. We also show when you last updated the password for those sites, when the site last updated their certificates, and what action we recommend taking at this time.
 
Lastpass, by far. I know a govt. employee whose security trainers recommend it. I know, I know, you're thinking "Sure they do." Either way, it generates lovely 12-digit (or longer) encrypted passwords that even the NSA would have a tough time breaking. It's free (for the desktop; the mobile version costs), and easy to use. Great program.
 
Wow, the tide has changed for Roboform, who's dominated public opinion the last decade or so. Roboform isn't quite as flexible as lastpass for different browsers (ie weaker in mobile integration), but it's still a great program that does a fantastic job in most browsers.

I think Roboform did themselves a disservice by being a bit arrogant about who they were going to support and who they weren't. Then lastpass grew and sought to cover integration in basically everything, and Roboform finally started to sh!t bricks and try to adapt, albeit not before it could stop the momentum, and ultimately seems to have lost its perch on top of the password management niche.
 
I used RoboForm for years and had a lifetime subscription. Then they introduced a new version and told us we had to make an annual payment to keep using it. I figured out a way to keep it working in Firefox using one of their older add-ons and kept using it for a while.

Then I discovered LastPass, and like it better than RoboForm.
 
Keepass.
Why?
2 words. Open Source.

There's just too many shenanigans with security these days to go any other direction.
 
Keepass.
Why?
2 words. Open Source.

There's just too many shenanigans with security these days to go any other direction.

Exactly. With proprietary security software, someone else might hold the spare keys. There's too many reasons to abuse the end user to assume they aren't. They're either monetizing the user, or getting leaned on by the government. An otherwise honorable company that makes proprietary software is still a problem. There's too few people looking at the code, and bugs can go unnoticed, or undisclosed when found.

Proprietary software is inherently untrustworthy. You're relying on policy for security, and policy is never about security. It's like taking the doors off your house, and hanging signs saying "No Unlawful Entry". That's awesome that it's disallowed, but it's not gonna get your stereo back.
 
I used to use Keepass but then I had two times when my database was corrupt and lost all of my passwords since I could not use the database. Luckily I made an Excel file with all of the keywords as a backup. Never again.
 
Keeper has a clean interface for navigating through your many log-ins. It uses 256-bit AES encryption and adds two-factor authentication. Works fine for me!
 
Keepass.
Why?
2 words. Open Source.

There's just too many shenanigans with security these days to go any other direction.

Are *you* vetting the code personally, then compiling the binary personally? If not, you're getting no more assurance that the software is kosher than a closed source application.

It's been illustrated time and time again that Open Source is not a magic guarantee that an application is more safe or secure than a closed source solution. Even big things like linux releases, you're still relying on the volunteered expertise of other people who truly understand the complex code in front of them to sift through it with a fine toothed comb every time there's a change. Being able to see the code myself doesn't help me one bit if I don't understand a word of it.

I'm sure we all remember Heartbleed, that massive bug in OpenSSL that caused all sorts of privacy breaches?:
http://money.cnn.com/2014/04/18/technology/security/heartbleed-volunteers/index.html

"The bug wasn't caught until recently, because the OpenSSL Software Foundation doesn't have the resources to properly check every change to the software, which is now nearly half a million lines of code long. And yet that program guards a vast portion of our commerce and government..."
 
+1 for KeePass

not only 'cause it's open source, but also 'cause my passwords are not in the cloud of a third party.

I still store the encrypted database file in the cloud (it's very convenient to sync on mobile etc.), but I choose who I trust for that, in my case SpiderOak cloud service.
 
Are *you* vetting the code personally, then compiling the binary personally? If not, you're getting no more assurance that the software is kosher than a closed source application.

It's been illustrated time and time again that Open Source is not a magic guarantee that an application is more safe or secure than a closed source solution. Even big things like linux releases, you're still relying on the volunteered expertise of other people who truly understand the complex code in front of them to sift through it with a fine toothed comb every time there's a change. Being able to see the code myself doesn't help me one bit if I don't understand a word of it.

I'm sure we all remember Heartbleed, that massive bug in OpenSSL that caused all sorts of privacy breaches?:
http://money.cnn.com/2014/04/18/technology/security/heartbleed-volunteers/index.html

"The bug wasn't caught until recently, because the OpenSSL Software Foundation doesn't have the resources to properly check every change to the software, which is now nearly half a million lines of code long. And yet that program guards a vast portion of our commerce and government..."

There's no guarantees in life ever, but I'll always take code that can be reviewed over some company's totally honest pinky swear that everything's ok with their software.
 