Hacker News new | past | comments | ask | show | jobs | submit login

Just for example: Let's say I want to log into google's jabber service with a non-web client (pidgin or something). If I used firefox's built in password storage I could not easily log in. This applies to passwords that are not web based. In addition, firefox's security is not very strong. By default they are stored unencrypyed (Security -> Saved Passwords -> Show passwords ... That button wouldn't be there if they weren't unencrypted).

The reason I don't use LastPass is because it is proprietary. I use KeePassX over firefox because it has better security, can store associated details (Comments field which I can put, for example, what my secret was (I randomly generate those too) and so on), and can easily be used for passwords that are not for only web based stuff.

The most important detail would be the fact that passwords saved in browsers are only useful in the browser, not for apps etc.

As another random example, firefox couldn't save, say, the passwords of sites I ssh into or the irc keys I need to authenticate myself on various irc servers.




> By default they are stored unencrypyed (Security -> Saved Passwords -> Show passwords ... That button wouldn't be there if they weren't unencrypted).

Once you set up a master password then firefox encrypts them in the password database. That button is still there, but using it requires the master password before actually it shows you the stored encrypted password.


I can't use my OTP from my Yubikey with KeePass, whereas I can with lastpass - this is a huge plus in my view.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: