Hacker News new | past | comments | ask | show | jobs | submit login

I've been using an excel workbook that is stored in an encrypted image as my ways to manage passwords.

How are these services that people mention in the comments, better at doing the same?

Is there a better way someone has come up with to manage passwords where you don't have to rely on these services?

Local keepass database, synced with $yourpreferredcloudservice.

On my Android phone I use a keepass app that includes a keyboard, which integrates typing in username/password.

Also supports 2fa totp, which feels to me like poking holes in the whole idea, but if you want to use it it's there.

> Also supports 2fa totp, which feels to me like poking holes in the whole idea

I'm a Keepass user and I didn't know it had support for 2fa. Why do you feel it's poking holes in the idea?

- they automatically fill login forms in browser. Nicer than copy/pasting things around and more secure: there's malware stealing clipboard contents, and you can also accidentally CTRL+V your password in chat window ;-)

- Excel has larger attack surface than purpose-built password managers. Have you checked Excel doesn't leave behind recovery copies of your passwords file in c:\windows\temp ?

Mainly in the user experience, not having to deal with setting up and backing up a personal encrypted store, and the ability to access the same data from multiple machines.

The cost, of course, is in the data being remote, and you generally have to trust the company and processes around their handling of your data.

I pay for LastPass because on Android, it will automatically fill in passwords on any screen, saves a ton of time, I wouldn't want to fuss around with a spreadsheet on my phone...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact