

Ask HN: What password manager do you use? - hackthisuk

I know the benefits of using a password manager but have yet to find one that I feel comfortable with.
======
jboynyc
This keeps coming up in recent months. I suggest you look through what folks
have been recommending.

Discussion about KeePass:
[https://news.ycombinator.com/item?id=7174595](https://news.ycombinator.com/item?id=7174595)

Discussion about Pass:
[https://news.ycombinator.com/item?id=7495337](https://news.ycombinator.com/item?id=7495337)

------
jordsmi
I use lastpass. It is probably safer to use something like KeePass, but it is
just so much easier to use lastpass.

Auto fills logins if you want, instantly generate/save passwords in the
browser, mobile app that will fill in logins on my phone, etc

------
jvoorhis
I use 1Password but it's sharing functionality is sort of a mis-feature. I
frequently work with contractors, and use GPG for sharing secure information.
Sometimes a GPG-encrypted text file is all that you need.

~~~
hackthisuk
One of the nicest I have tried so far. Unobtrusive and easy to use. I have put
the keystore on an encrypted USB which solves nearly all my problems.

One question, I can't find what the trial is. Is it time based?

~~~
citruspi
> The application downloaded from our website will remain fully functional for
> the first 30 days after you install it. After this initial trial period, you
> will need to purchase a license to continue using without restrictions.

[https://agilebits.com/home/licenses](https://agilebits.com/home/licenses)

------
ajonit
I have used password managers for more than 4 years now.

Here is how I work -

1\. When life used to be simple, (read without smartphone and tabs) I just
used desktop based Roboform (NOT cloud based) These days most of the companies
promote cloud syncing of passwords, I am completely averse to storing
passwords on cloud even if it means bit of discomfort.

2\. Now for iPhone and iPad, I downloaded Dashlane, activated their syncing
feature for few hours and synced my passwords on both the devices.

------
citruspi
I use a combination of a Yubikey and GnuPG. My GnuPG private key has a
password which consists of two parts:

1) A long secure password stored on my Yubikey 2) A shorter password (stored
mentally)

Passwords are saved into individual files and encrypted with my private key
using pass[0].

[0] pass: [http://www.passwordstore.org/](http://www.passwordstore.org/)

------
DanBC
You didn't say what platforms you intend to use it on. Nor what your most
important attack vectors are.

I use a Yubikey. The first slot is set to a long secure password and is used
to gain access to my machine. The second slot is a long secure password which
is combined with other text on a per-website basis. I type the text and push
the Yubikey button for the rest. This is suboptimal.

~~~
hackthisuk
Portability is one of my main concerns as I use a variety of platforms e.g.
Linux at home, Windows at work and Android on the go. I would also be a little
hesitant to trust a hosted solution. SuperGenPass (www.supergenpass.com)
seemed like a nice solution but I am concerned about what happens when I need
to change password.

Does Yubikey have a solution for Android? They seem right up my street.

------
svennek
I have a (homemade) thin bash-wrapper around gnupg, which stores the passwords
in a folder, that is backed up by git-annex..

The main work is done by a vim-autocommand-group (augroup) which runs the file
through gpg on open/save if it ends with .gpg

------
ionised
KeePass, stored on protected flash drives.

I carry one on my keyring and keep backups.

I have little faith in cloud-based/browser-based managers.

~~~
hackthisuk
I was put off a bit by the requirement of Mono for Linux but I see there is a
port called KeePassX. This might be a nice compromise.

------
msh
F secure key works well and syncs well between all my devices and computers.

------
GarethShapiro
Datavault. Syncs nice with Mac/iOS.

