Hi Guys!
I'm pretty good at making sure my important accounts have unique passwords and try to change them at regular intervals. However, I had a recent scare when my main email had someone attempt to log in with the correct password, and there was also an attempt to port my phone number on the same night (so glad I recently changed from pre-paid to contract), so I'm looking into using a password manager to completely randomise all my passwords. I'm wondering which ones people use and what you like about them? Are they easy to use on different devices (Android, PC, iOS), and if you decided to use a paid version, what was your reasoning?
It's only for my personal use but as someone who's switched almost everything to online over the past years the thought of what they could've done with control of my main email and phone over the weekend terrifies me.
Thanks everyone :)
Best Password Manager Free & Paid (Why Is It Worth Paying for)
Last edited 23/01/2021 - 18:11
Comments
I personally love 1Password, I pay for a family plan with a few friends and it works out to around $13/year, which is absolutely nothing for the peace of mind and feature set that it provides.
They had this great beta feature where the browser extension could be unlocked using the Touch ID sensor on my Mac (by communicating with the desktop app which supports this feature already) but they've removed it for the time being, apparently it will be coming back with support for Windows Hello.
This. I've been using it for a decade across iOS, Windows, macOS — it's fantastic. Nothing else comes close. Well worth the money.
Keepass for easy setup.
Bitwarden RS for a sleek Lastpass-esque experience.
Both free, both open source, neither requires you to trust a company with your passwords. There is no good reason to pay for password managers.
One thing you can do is configure your email account to only use MFA options that are not based on SMS/phone call at all. Don't even have it as a backup option.
I have my Gmail configured to have the mobile prompt, with backup methods being the app (6 digit TOTP) or backup codes, which are physically written down and stored at 2 locations (with a QR code of the TOTP as well for convenience).
So now they physically need your phone or backup codes to get through. Mobile phone porting scams are scarily easy and I definitely do not trust my telco to not give my number to a scammer.
Note that you probably can't configure all email providers to do this, some may require SMS 2FA, which is concerning but better than nothing.
Agree, most banks in Australia are using the SMS way…
I recommend Bitwarden. Use it daily.
I love 1Password. While not regarded as the most secure due to the cloud saved data (if you choose to use that). I've found it extremely user friendly across many devices. I've practically used it on any device you could imagine. Android, iOS, Tablets, Windows Laptop & Macbook. It's simple and synced across all of your devices.
The in-built Google Authenticator functionality is great, I login to a website with an attached 2FA and it either inputs the 2FA code immediately or copies it to the clipboard for me to paste easily.
I haven't used others, but don't plan to as this does everything I could possibly need it for.
but not free
They asked for Free and Paid, and why it's worth paying for. Which I've stated above.
I took the trial period and set it all up and couldn't get enough of it. Purely being in their platform and passwords saved doesn't lock you in, you can still read the passwords and get out of their ecosystem if you so choose.
But the convenience of knowing that my passwords are different on every site is reassuring. As well as being integrated with various compromised credential lists, which then alert you to the data breach and suggest you change your password.
Fair enough. Yeah, I'm planning to make all my passwords different for each site.. urgh…. so many of them….
@CyberMurning: Yeah I don’t think I could’ve made the change without a good password manager.
It really didn’t take too long to work through them all. And the outliers were fixed up quick once I needed to log in to them.
I've been using 1Password without a paid subscription for years, you can host the (encrypted) password file on DropBox and install client apps on iOS/Android.
I'm not comfortable with a vendor hosted cloud service that presents a single password repository for hackers to target (e.g. LastPass).
1Password requires a Master Password and a Secret Key to unlock any part of your data on a new PC/Web Browser
If you can find a few close friends/family (up to 5 people I think) to split a lastpass family plan it works out super economical. Also makes it easy to share some password between close friends and family. For example we have our streaming services passwords shared for all family members.
another + for Bitwarden,
works across all my devices and recognises all the sites/apps that I use
https://landing.google.com/advancedprotection/
It's surprisingly usable and its major selling point would be very good protection against social engineering.
Bitwarden & keepassxc
Don't put all your eggs in one basket.
Passwords in 1, 2FA in another.
Open source for the win.
For those that don't understand open source: it means anyone can read how the app is made.
So they can read the code and look for any nasty stuff, eg. Trackers, calling home to international server/s.
These days a lot of free apps, are selling your private information.
Eg. Facebook, google etc
Use alternativeto.net to find open source apps.
Look into privacytools.io
Join reddit
r/privacy & r/privacytoolsIO
Avoid installing apps on your phone.
A lot of time you can use a web browser to access your information.
Yes it may not be pretty but at least your app isn't tracking your every text/photo, who knows because it is probably closed source.
And if you're not gaming on your PC/laptop install Linux, I use Linux Mint Xfce. Yes there's a learning curve, yes it's not Windows or Mac.
But it is open source software, and not closed source like the other 2 I have just mentioned.
Linux Mint does the same, web browser, office (LibreOffice), scanner, etc. You'll be surprised.
OK that's enough for today
Stay safe, bb. 🖐️
But open source means hackers can easily see how the softwares are made?
Closed source can mean hackers/company can easily spy on us without us knowing.
You clearly have no clue what you're talking about.
That's not as naive as it sounds. Just because software or services are open source doesn't mean people with proper expertise will scrutinise it.
That event jolted the tech industry into action over poorly funded open-source projects that are critical to the internet but lack resources to find and patch bugs.
https://www.zdnet.com/article/open-source-security-this-is-w…
https://www.zdnet.com/google-amp/article/open-source-softwar…
You could use Keepass and store the password database in Google Drive. Drive can sync the file between PCs and Android (Keepass2Android), so there's no need to pay for cloud backup and all devices will get all password updates.