
Ask HN: What password manager do you use, and why? - Fej
Okay, so CloudFlare has caused a decidedly large security breach, and everyone&#x27;s being told to change their passwords. Now&#x27;s probably a really good time to switch to a password manager.<p>I&#x27;m sure plenty of folks around here, myself included, would be interested in hearing your thoughts on popular (and not-so-popular) password managers.
======
rmurri
I recommend Enpass. Cross platform, good mobile support, inexpensive, and
usable by mere mortals.

[https://www.enpass.io/](https://www.enpass.io/)

~~~
rerx
I just started using this myself. Having a good, free Linux client and a
reasonably priced Android client was most important to me. I like how enpass
is offline-only, but neatly integrates with a number of sync providers like
Dropbox to share the encrypted password storage between devices.

Unfortunately, at this time the fingerprint reader support in the Android app
should be avoided: [https://discussion.enpass.io/index.php?/topic/1139-issues-
wi...](https://discussion.enpass.io/index.php?/topic/1139-issues-with-android-
app/#comment-3287)

------
mikebos
I tried a bunch: Lastpass Dashlane Keepass pass Passwordsafe 1password

Some a longer time then others :-) I'm currently back with lastpass.

There are two main things for me security and usability. Lastpass seems
secure, don't know for sure as it's not open source and who knows how it's
implemented. The usability is for me excellent, it works flawlessly on my
deskop, tablet and mobile.

I would argue that keepass with say dropbox sync is more secure, but the
usability is worse. It's a tradeoff at the current it seems

------
JCDenton2052
I have been using PasswordSafe and am very happy with both security and
usability. It was designed by Bruce Schneier and has been extensively peer
reviewed.

When I was looking to adopt a password manager I did some research and came
across KeePass. However, this hackernews thread:
[https://news.ycombinator.com/item?id=9727297](https://news.ycombinator.com/item?id=9727297)
dissuaded me from using it.

~~~
michalpt
I have been using KeePass for many years and didn’t know about this. Thx for
the link

------
ashman5
I use a combination of 1Password and icloud keychain on my iPhone. I have no
account with 1Password and backup to dropbox when I need to swap devices. I
use no browser extensions as this will just increase the attack surface for
very little gain. The icloud keychain keeps my iOS and MacOS devices in sync
and if I need a password for a Windows/Linux machine I'll transcribe or email
it to myself if it's too long.

------
tbihl
I use LastPass. They seem fairly transparent with their issues, the usability
is great, and I've been with them for a few years. Unless I start seeing big
issues, I'm not going anywhere, because at the end of the day the most secure
system is the one you actually use, and that's been LastPass for me.

------
koenigdavidmj
1Password's feature list, when using an account, includes: "Access your data
on the web at 1Password.com."

Is it possible to opt out of that while still using their sync? I'm uneasy
with anything that does the decryption on their end, which that seems to
qualify as.

EDIT: Supposedly the crypto is done in-browser. Still feel uneasy about that.

------
matthberg
Dashlane Premium, with sync between android, iOS, macOS, and Windows. Features
include an automatic password changer, browser addons, password sharing
management, and emergency access settings in case selected people need access
to your accounts if you die.

------
CryptoArtist
I'm using SaferPass, it is an extension to browsers and mobile (ios and
android ) app. Very easy to use, good design and it allows log out remotely,
also from websites and deletes my browser history.

------
ralfk
I use pass: [https://www.passwordstore.org/](https://www.passwordstore.org/)
\- a password manager for the commandline that can be synced with git and
stores the passwords encrypted using gpg

~~~
johnnycarcin
I have slowly been migrating from LastPass to pass and am just about ready to
go all in. There are a few hoops to jump through to get it working on android
(a requirement for me), but nothing too bad. The one thing I am having to make
a habit is always doing a git pull whenever I open it since I use it across
multiple devices.

------
MikeTV
KeePass with the KeeFox and chromeIPass browser extensions. Synced in dropbox,
using password+keyfiles that aren't in the cloud anywhere. A bit slow on
mobile, but can adjust down the rounds of encryption if it gets too annoying.

~~~
paulryanrogers
Keepass2android is a solid choice for Android mobile devices.

------
NameNickHN
I use Keepass and haven't found any fault with it. It came as a recommendation
in a blog a couple of years ago.

------
chris_7
1Password, it's usable and up to typical AppKit standards. LastPass is...
awkward.

------
stephenr
iCloud Keychain works pretty well for me, with Roland Moers' OTP Auth
([http://www.cooperrs.de/otpauth.html](http://www.cooperrs.de/otpauth.html))
for 2FA.

------
bgrohman
Currently using LastPass. Considering trying out bitwarden.

------
adictator
I use Lastpass because I believe it is as user friendly as it can get. They
did have a security incident a few years back, but the way the handled it &
the transparency & humility they showed was enough for me to trust in them.
Please read about it. Also it is free. The mobile version is not free.

