• Alperto@lemmy.ml
    link
    fedilink
    English
    arrow-up
    60
    arrow-down
    3
    ·
    1 year ago

    Yes, do it! Now! It’s the safest way, but only by choosing the right and trusted ones. Examples:

    • The expensive but good one: 1Password
    • The free, geeky and difficult one for normal users: Keepass.
    • The simple and free and beloved one: Bitwarden
    • The don’t try it ever because they will leak your data: Lastpass.
    • amanwithausername@vlemmy.net
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Any reason to use the original Keepass over KeepassXC? Also, tip for anyone using Keepass or KeepassXC: there’s an Android app called KeepassDX that supports the keepass database format, so you can keep your passwords synchronized between your computer and phone by simply syncing the database file with Syncthing. No third-party server required!

      • Tanoh@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        The whole database is encrypted. Just put it on Google Drive or similar and it will be synced automatically.

        Also I don’t see Keepass(XC) as difficult or geeky.

        • ejsexton82@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I love Keepass(XC). I’ve used it for years.

          You do have to host the files yourself, which requires an extra step beyond just handing your password over to Lastpass for future leaking, but I consider that a good thing.

          • Hexarei@programming.dev
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I also consider the selfhosting of the files as a good thing - I run my own Nextcloud server, which means my password database is 100% private to me alone, only present on my hardware and I don’t have to trust a third-party to store it. Sure, it’s encrypted. but … an encrypted file on someone else’s servers is still an attack surface that I don’t have to deal with when I host it myself.