I've been looking for open source password managers and came across Bitwarden (https://bitwarden.com). I would love to hear your opinions about it (if there are any users here).
I don't feel safe if my passwords data is stored in the US. I prefer to use KeePass (open source) + Cloud storage from Swiss.
For a long time Swiss was out of the EU-US Privacy Shield and was advised as #1 country for storing your personal data. But this January Swiss and US finalized their agreement (http://www.alstonprivacy.com/swiss-u-s-privacy-shield-finali...).
What's wrong with passwordstore.org? It's not a service which I am giving my stuff, but just some handy script sitting on top of well-known distribution and security software. Plus tools and plugins for all the clients. There is no need for anything else than that.
* It performs delayed clipboard clearing instead of preventing further coping after first use, which is technically possible to implement, though I am not aware of any small standalone tool that does something like that.
* If you don't have something like YubiKey, password protection of gpg private key is not particularly impressive compared to the state of art.
`pass` is my current favourite, the Android app works fine and syncing text files is easy. But I'm looking forward to trying `freepass` out. The interface looks nice in the asciicinema animation in the README, a Quicksilver/spotlight style floating window.
I've been using Bitwarden a couple months now and can only speak highly. We'll see how it's security audits & stands the test of time, but so far so good for me.
I was very disappointed with the direction LastPass has taken since its acquisition by LogMeIn, mostly because the UI was becoming progressively worse. I've been using BitWarden for about a month or two now and while the workflow is a bit different, it works as well as I could hope.
[+] [-] alexdee|8 years ago|reply
[+] [-] haikkonen|8 years ago|reply
[+] [-] kerokero|8 years ago|reply
[+] [-] mcnesium|8 years ago|reply
[+] [-] wuch|8 years ago|reply
* It does not encrypt metadata.
* It performs delayed clipboard clearing instead of preventing further coping after first use, which is technically possible to implement, though I am not aware of any small standalone tool that does something like that.
* If you don't have something like YubiKey, password protection of gpg private key is not particularly impressive compared to the state of art.
[+] [-] dmix|8 years ago|reply
`pass` is my current favourite, the Android app works fine and syncing text files is easy. But I'm looking forward to trying `freepass` out. The interface looks nice in the asciicinema animation in the README, a Quicksilver/spotlight style floating window.
BitWarden looks too heavy-duty for me.
[+] [-] jefecoon|8 years ago|reply
[+] [-] iamatworknow|8 years ago|reply
[+] [-] earenndil|8 years ago|reply
[+] [-] equalunique|8 years ago|reply
[+] [-] rl3|8 years ago|reply
For those of us without eidetic memory that have to manage a large number of credentials, password managers tend to be the only viable solution.
[+] [-] stevekemp|8 years ago|reply
I wrote a simple script to show me the age of various passwords. When I realized I'd not changed some passwords for over two years I was surprised.
With your "brain" do you remember to update passwords every few years? And remember the new one easily?