Results 1 to 10 of 10

Thread: Password Managers

  1. #1
    Senior Member Easto's Avatar
    Join Date
    Dec 2000
    Location
    So. California
    Posts
    5,500

    Question Password Managers

    I have been using KeePass as my password manager for several years. I am very happy with it and I find that it does exactly what I need in a password manager. Usually when searching for a list of reliable password managers KeePass would always show up on someone's list of the "10 best". Today I was doing a search and it appears that it has either dropped out of favor or is being pushed aside by subscription options. I was just wondering if anyone had any insight as to why KeePass doesn't seem to be in the ratings any longer? Did something adverse happen to their program that would have thrown it out of favor?

  2. #2
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida
    Posts
    11,330
    Blog Entries
    6
    Just want to chime in to mention many of those "Top 10" sites exist simply for the affiliate links, they get a couple of cents when you buy something.. So they have no interest in ranking any freeware/opensource software.
    When I need to compare software, I usually go to some site like alternativeto.net and look there, as it is based on actual user feedback, rather than some random editor.
    https://alternativeto.net/software/keepass/


    I would prefer a local/open source manager, KeePass seems pretty capable and it is being updated. In general many password managers are ok as long as the password file/database is locked, and vulnerable to exploits while it is unlocked.
    Linux is user friendly, it's just picky about its friends...
    Disclaimer: Please use caution when opening messages, my grasp on reality may have shaken loose during transmission (going on rusty memory circuits). I also eat whatever crayons are put in front of me.
    ๑۩۞۩๑

  3. #3
    Senior Member Easto's Avatar
    Join Date
    Dec 2000
    Location
    So. California
    Posts
    5,500
    I have noticed that there seems to be way too many "affiliate" sites popping up everywhere. One of the dead giveaways is the generic was they present their opinions. Basically a cut and paste job.

    When I use KeePass I only have it open long enough to grab the password I need and then it gets closed. It is never left open for convenience. It seems like it really is a great manager, it's just that most of the bad mouthing is from people saying it's just to difficult to use and learn.

  4. #4
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida
    Posts
    11,330
    Blog Entries
    6
    There are some trojans that can grab unlocked password files from common password managers if/when they are open.. Kind of a mute point if your PC is clean of malware.
    Linux is user friendly, it's just picky about its friends...
    Disclaimer: Please use caution when opening messages, my grasp on reality may have shaken loose during transmission (going on rusty memory circuits). I also eat whatever crayons are put in front of me.
    ๑۩۞۩๑

  5. #5
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,100
    Bitwarden
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  6. #6
    Senior Member Easto's Avatar
    Join Date
    Dec 2000
    Location
    So. California
    Posts
    5,500
    Quote Originally Posted by YeOldeStonecat View Post
    Bitwarden
    Thank you for the tip. I highly regard your suggestions and will take a look at this. I'm currently going through their "help" videos to see if this is a direction I'd like to go. I'm sure it probably does what I need it to do but I'll withhold any comments until I get a chance to go through it all.

    For the record, can you elaborate as to why you pick Bitwarden?

  7. #7
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,100
    Quote Originally Posted by Easto View Post
    For the record, can you elaborate as to why you pick Bitwarden?
    Have seen it recommended by many other IT people...
    Open source...so has community coding eyes on it to keep it robust.
    Excellent browser plugin if you want
    You can self host. Or use their cloud services.(I use the cloud version)
    Basic version is free, they do have a professional version that you can use, VERY low cost, can have separate vaults. Such as if for a company.
    Supports TOTP for MFA on things like Office 365 logins. While not a big deal for single users, for businesses with multiple people needing to access things that are MFA'd...this is excellent! For example, at our office, there are 6x of us. Many of us have a need to sign into many different secure portals. All can have a login with Bitwarden, and access to the TOTP code for a particular site they're logging into.

    At our office we now use HUDU for this, but it's because HUDU is also an excellent documentation system designed for IT companies and it also integrates into our RMM, SyncroMSP.

    I still use Bitwarden for my personal stuff.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  8. #8
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida
    Posts
    11,330
    Blog Entries
    6
    I was looking for something slightly different: to encrypt and password-protect sensitive info in a certain folder on removable media (USB flash drives, sdcard, laptop, etc.)

    requirements:
    - portable, easy to run/use stand-alone without installation on the host OS (run directly from USB drive?)
    - software that is not proprietary, i.e. freeware/open source/low-cost, something with a long-standing track record of being updated, audited
    - using modern industry-standard encryption and hashing algorithms, e.g. AES, sha-512 or sha-3, etc.
    - ability to easily encrypt a single folder with multiple files

    preferences:
    - create encrypted file/folder rather than a whole drive/partition
    - not using password-protected zip/rar files as a container
    - cross-platform? Windows/Android/iOS if need be
    - usable for cloud storage?
    - easy enough to recommend to non tech-savvy users?


    After a bit of searching and reading, seems the space is not large, and the only popular non-proprietary software I found that hits most of those points is TrueCrypt (no longer developed), and it's successor VeraCrypt.
    The only downside seems a bit cumbersome for USB drives. For example, you can't simply associate an encrypted file/extension to the VeraCrypt application, and have it auto-mounted. Instead, you have to find/launch the program, then choose the encrypted file, then choose what drive-letter to mount it as, finally enter password and only then you can gain access to your files. I'd much rather have preset all that so I can double-click, be prompted for a password and open the volume quickly.
    There are a few other peculiarities I am not completely happy with, for example when I mount a volume as removable, then I can't unmount it safely without doing it through the program... The volume is fixed size, which is not ideal for uploading to cloud storage, it has to sync the whole volume after changes. In general it works ok, but a bit cumbersome UI.

    Alternative I plan to look into: Cryptomator (github)


    Anyway, I am just wondering what others are using, if anything.
    Linux is user friendly, it's just picky about its friends...
    Disclaimer: Please use caution when opening messages, my grasp on reality may have shaken loose during transmission (going on rusty memory circuits). I also eat whatever crayons are put in front of me.
    ๑۩۞۩๑

  9. #9
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,100
    I used to use TrueCrypt years ago, before Bitlocker got so easily centrally managed via Microsoft 365.
    But as you noted...since it's 3rd party (thus..outside of the OS)...you have a few hoops to jump though..it does need to be installed locally on the computer to be able to mount folders.

    Since any clients I have that would need security, I have Bitlocker managed on their laptops/desktops, further encrypting folders another layer on their computer isn't necessary. They have OneDrive to protect their files. (and anything you keep in 365 is bitlockered up in the cloud)

    For portable drives, I like the "hardware encrypted" drives that have the keypads built into them. Like Apricorn FIPS2 drives
    https://apricorn.com/
    No software needed.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  10. #10
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida
    Posts
    11,330
    Blog Entries
    6
    Yeah, I get Bitlocker I suppose, it's just Microsoft proprietary. VeraCrypt and Cryptomator seem to have options to unlock files/folders on different OS, and somewhat simple small software can be ran to encrypt/decrypt. They have portable versions that can be ran from a flash drive, some Android apps, etc.

    After playing with both, seems Cryptomator is simpler and more targeted towards encrypting files in cloud storage, while VeraCrypt is more of a local full volume/partition encryption.


    The hardware encrypted USB drive seems interesting, thanks for the link.

Similar Threads

  1. download managers
    By morbidpete in forum Software Forum
    Replies: 9
    Last Post: 10-05-04, 08:25 PM
  2. Download managers?
    By Humboldt in forum General Discussion Board
    Replies: 11
    Last Post: 03-24-02, 07:01 PM
  3. Memmory Managers...
    By Dragonwc99 in forum Broadband Tweaks Help
    Replies: 5
    Last Post: 06-28-01, 06:46 PM
  4. Memory Managers
    By Dragonwc99 in forum General Discussion Board
    Replies: 11
    Last Post: 06-28-01, 01:22 PM
  5. Memory Managers?
    By milwaukeeguy in forum Hardware & Overclocking
    Replies: 1
    Last Post: 12-17-00, 10:05 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •