The passwords store on Google chrome is not encrypted in a way that makes it hard to steal your credentials. The encryption key is stored on your file system alongside it in plain text. There are generally much fewer concerns for security in browser password managers than in standalone solutions. The standalone password managers also allow you to enter credentials into apps on your phone or desktop even if login doesn’t happen in a Web view. Usually they also allow to store much more data besides passwords (passports, encryption keys, secret text documents or pdfs, credit card information, …). I use 1password and they have very good integration I the browser and os through their extensions and apps. It’s not less convenient than chrome’s own solution.
Good to know, thanks! I wasn’t aware passwords on chrome are not encrypted.
I’ll have to take a look into cost of 1password and Bitwarden, and see if any of them have password import features from Chrome to make the switch easy
I can’t comment on 1password but Bitwarden has a free version.
KeePass is also a very good password manager but isn’t stored online. It’s a standalone application. I used KeePass for years but switched to Bitwarden last year for my online passwords.
You can sync KeePass files automatically between devices using plugins. Takes time to set up at first but afterwards you have the best of both worlds completely for free.
I used to sync using triggers over OneDrive. A while ago now, but they updated the application to handle synchronisation better and it’s pretty much baked in. KeePassXC is even better in that it can reload your database the second it detects changes.
I really do like KeePass, it features one thing many other (any?) applications don’t offer and that’s auto-typing your credentials into applications. For this reason alone I still use KeePass heavily at my workplace.
The cost is not free but if you’re comfortable with having anyone but you handle your (encrypted) data I think they are a good option. Like others said, Bitwarden is another popular alternative which you can also self-host if that’s your thing (either through their official server or through the alternative vaultwarden open-source project).
The standalone password managers also allow you to enter credentials into apps on your phone or desktop even if login doesn’t happen in a Web view.
This is possible with in-browser password managers too, at least with Firefox on Android, and I would be really surprised if it weren’t supported by Chrome as well.
The passwords store on Google chrome is not encrypted in a way that makes it hard to steal your credentials. The encryption key is stored on your file system alongside it in plain text. There are generally much fewer concerns for security in browser password managers than in standalone solutions. The standalone password managers also allow you to enter credentials into apps on your phone or desktop even if login doesn’t happen in a Web view. Usually they also allow to store much more data besides passwords (passports, encryption keys, secret text documents or pdfs, credit card information, …). I use 1password and they have very good integration I the browser and os through their extensions and apps. It’s not less convenient than chrome’s own solution.
Good to know, thanks! I wasn’t aware passwords on chrome are not encrypted.
I’ll have to take a look into cost of 1password and Bitwarden, and see if any of them have password import features from Chrome to make the switch easy
I can’t comment on 1password but Bitwarden has a free version.
KeePass is also a very good password manager but isn’t stored online. It’s a standalone application. I used KeePass for years but switched to Bitwarden last year for my online passwords.
You can sync KeePass files automatically between devices using plugins. Takes time to set up at first but afterwards you have the best of both worlds completely for free.
I used to sync using triggers over OneDrive. A while ago now, but they updated the application to handle synchronisation better and it’s pretty much baked in. KeePassXC is even better in that it can reload your database the second it detects changes.
I really do like KeePass, it features one thing many other (any?) applications don’t offer and that’s auto-typing your credentials into applications. For this reason alone I still use KeePass heavily at my workplace.
I use Bitwarden and I definitely imported all my passwords from Chrome. There’s a guide somewhere on their website I believe.
You might find this interesting on a technical level: https://www.youtube.com/watch?v=CIOsemj3kl4
Regarding import from chrome, here is the article for 1password https://support.1password.com/import-chrome/
The cost is not free but if you’re comfortable with having anyone but you handle your (encrypted) data I think they are a good option. Like others said, Bitwarden is another popular alternative which you can also self-host if that’s your thing (either through their official server or through the alternative vaultwarden open-source project).
I’m not aware of the details but my understanding has been that chrome used to store passwords unencrypted but now it does not.
They are indeed encrypted but the encryption key is stored in the user’s profile on disk, which defies the purpose.
This is possible with in-browser password managers too, at least with Firefox on Android, and I would be really surprised if it weren’t supported by Chrome as well.