
Ask HN: Any suggestions for a secure password manager? - tyagis
The last thread that I could find on this topic was about 18 months old, so I guess its a good time to seek the possibly refreshed suggestions.
======
WorldMaker
I'm still happy with KeePass. Currently using one of my cloud-drive folders to
manage my password files (at this point I have some context-specific side
files), but debating switching over to a Resilio Sync share (possibly an
encrypted share with a "know nothing" backup node in the cloud somewhere).

~~~
tyagis
Have you used it with Darwin/OSX? How's the experience?

~~~
WorldMaker
I don't have any macOS devices, but I did not have any trouble running the
official KeePass 2 directly on Mono on Linux. I've heard there are good
unofficial native clients for macOS, but I don't have any direct experience.
(I have used unofficial iOS and Windows Phone/UWP clients and not had any
trouble with any of them either.)

------
zie
1Password. Can run 100% local(how I run it). It is Commercial, but on a Mac,
especially with tools like
[https://github.com/ravenac95/sudolikeaboss](https://github.com/ravenac95/sudolikeaboss)
, it's totally the best there is, integration wise, and speeds up productivity
an amazing amount while staying pretty secure.

~~~
anexprogrammer
They're not so great at fixes and adding features. I much prefer 1Password's
interface to anyone else's, especially on Mac.

It took them a year to fix the metadata privacy issue with Android Dropbox
sync, despite many asking in forum.

They recently added a TOTP generator. Years ago they talked of adding Yubikey,
now they seem to dislike the idea of Yubikey or any 2FA. That seems odd.

~~~
zie
1password can support typing in the master password with Yubikey, if you
configure the yubikey to output a static password. They have a blog post and
an answer here about it: [https://www.quora.com/Will-1Password-ever-support-
YubiKey](https://www.quora.com/Will-1Password-ever-support-YubiKey) that are
worth reading.

------
simon_acca
If you fancy a CLI and git repositories for synchronizing your password
database, try the standard unix password manager :
[https://www.passwordstore.org/](https://www.passwordstore.org/)

------
lordmjk
I love pass (password store.org), which generates and files your password as a
gpg encrypted file in a folder tree, is scalable to have the file decrypted by
different gpg keys, comes with hit support, and a android app is available
(fdroid) that integrates with openkeychain and yubikeys and fidesmo cards.
Perfect.

------
rgacote
I'm fond of pwsafe. Runs on Mac and IOS and shares file in cloud. Like that it
is not browser based (though they do have an optional browser plug-in).
Excellent for storing hundreds of passwords and security entries.
[https://pwsafe.info/](https://pwsafe.info/)

------
dilithiumhe3
I use yubikey with lastpass. There are a bunch of options at
[https://www.yubico.com/why-yubico/for-
individuals/password-m...](https://www.yubico.com/why-yubico/for-
individuals/password-managers/)

------
WhiteSource1
KeePass is great - no connection to the cloud, so can't get attacked. Though
putting it on Dropbox or Onedrive sort of defeats the purpose.

LastPass is great but there was a breach last year, in which they claim
nothing was compromised and they offer a free plan.

------
rmurri
Take a look at Enpass. [https://www.enpass.io/](https://www.enpass.io/)

------
fbnlsr
I've been using LastPass with a Yubikey for several years now.

It's never let me down.

------
crypto5
What about google smart lock?

