Password Vault Apps

[jlsosajr]

I use “Keeper” and find it fantastic!! Great app to use on my mobile while I use as well with my PC and don’t have to worry about my password.

 

[rallen562]

I use BlackBerry Password Keeper for the same reason that Bla1ze stopped using it. It's a phone only app. I don't want it on my desktop or laptop, or any other device. If I don't have my phone with me, I obviously don't need to enter a password. I switched from BlackBerry to Samsung a few phones ago. I still use a lot of the BlackBerry software for the security aspect. As of today, I have 195 passwords to keep track of. And with all of the data breaches happening, I change most of my passwords monthly. Randomized (computer generated) passwords 16 characters in length, making use of upper and lower cases, numbers, and special characters makes it impossible to remember or to steal. I can't think of a possible need for me to be without my phone and have to enter a password. My Galaxy S10+ has almost completely changed my needs for a full blown computer. Chrome's desktop settings gives me access to desktop only software, and if I want a full desktop experience, I just plug in the Dex cable and I am set. That, along with 1.5TB of on device storage does everything possible I could ask for. BlackBerry Password Keeper, I think, is the absolute best.

 

[SergeantDroid]

I've been using mSecure for years. Works well for me and is compatible with multiple platforms. It is backed up to the cloud so I never worry about losing my data. It is $30 one time, not annual.

 

[huko84]

I use Bitwarden. It syncs across practically anything, comes with a CLI and has a free tier that allows sharing between two accounts. You can self host as well if you like.

 

[racedog]

A lot of great input so far in this thread. One of the reasons that I want to start using a password app is that I'm beginning to fall into the standard trap of using one password because trying to remember a separate and difficult password for every app, website etc. is too daunting.

In all or any of these apps is there an easy way to get our existing passwords entered into the app and, more important, how would one go about changing those existing passwords into individual, long and complex passwords?

 

[racedog]

I've been using mSecure for years. Works well for me and is compatible with multiple platforms. It is backed up to the cloud so I never worry about losing my data. It is $30 one time, not annual.

I really don't care about price, but I would lean heavily to a one time purchase (even at a high price) over an ongoing subscription plan.

 

[Mooncatt]

A lot of great input so far in this thread. One of the reasons that I want to start using a password app is that I'm beginning to fall into the standard trap of using one password because trying to remember a separate and difficult password for every app, website etc. is too daunting.

In all or any of these apps is there an easy way to get our existing passwords entered into the app and, more important, how would one go about changing those existing passwords into individual, long and complex passwords?

Last Pass is fairly easy to add and change passwords. It also has a checkup that gives you an idea of how secure you are based on password strength, age of password, duplicates, etc. One thing that may trip it up is if you have two sites that share a common login (I.e. They are part of the same company, just different domains). On the desktop version, you can link sites together, but not on the Android version.

 

[jlangner]

I have used:

Last Pass
Enpass
1 Password

I switched from last pass to 1 password about 2 months back and so far love it. Last pass was very good as well.

 

[Rukbat]

In all or any of these apps is there an easy way to get our existing passwords entered into the app and, more important, how would one go about changing those existing passwords into individual, long and complex passwords?

First ... I've been using KeePass for years. The fingerprint entry works every time. Long random passwords - up to 60 characters (I haven't tried anything longer yet - 60 is enough entropy to keep anyone but the government out so far - but if cracking gets easier, I've tried 128 character passwords, and it generates and keeps them) is trivial - just set the password generator to 60 when you use it.

How difficult is it to change the password in KeePass? Just tap (the edit pencil in the Android version, then tap) the password generator, set the length, check off the types of characters you need (some sites don't like some special characters) and you're done. Changing them on the site depends on the site. Some you just go to the profile page, put in the old one, then the new one twice and you're done. Some you have to ask to reset your password, or say you forgot it, and you get an email telling you where to go to do the same thing - old one, new one twice. (You can copy the old one and put it into the comments box in KeePass, just in case.) It's secure, and you can keep the data file on Drive, so you can use the same data file on many devices.

I tried LastPass, because so many people here recommended it. It's not bad, but I was just too used to KeePass, so I stayed with it.

 

[Human Printer]

Enpass alle the way. Using it on my Android device and Windows devices. Since it doesn't store your database on Enpass servers, there is no risk of being hacked through the Enpass servers, synchronization is done using built-in support for services like OneDrive and DropBox. The latest version even has support for handling multiple databases which can be shared with other people, but I haven't tried that feature yet so I can't say if it really working as advertised

 

[Mooncatt]

Since it doesn't store your database on Enpass servers, there is no risk of being hacked through the Enpass servers, synchronization is done using built-in support for services like OneDrive and DropBox.

I think I'd rather trust my data with the password manager servers than a general place like Drop Box.

 

[hallux]

In all or any of these apps is there an easy way to get our existing passwords entered into the app and, more important, how would one go about changing those existing passwords into individual, long and complex passwords?

As you log in to sites Roboform prompts you to save the password. You can manually edit the entry once it's saved, and it has a password generator that copies the new password to the clipboard to paste in the new password field on the site. If you change a password it asks if you want to save that password and will update the existing "card" or create a duplicate. Roboform apparently offers an import capability from other password managers but I've never had to use it.

As for the security of the data stored on the servers, here's a blog post by Roboform covering this - https://www.roboform.com/security

I can't find it but there was a blog post by Roboform when one of the other password managers was hacked, explaining the proprietary nature of the software the servers run on and how that makes penetration more difficult.

 

[dpw09]

Been a die hard BlackBerry password keeper for about 10 years but since finally moving off BlackBerry a year ago I kept the password keeper up until about 4-6 months ago.
Did a bunch of trials on multiple options but settled on Bitwarden. Loving everything about it so far.

 

[frederickdawg]

You guys trust these password apps?

 

[N4Newbie]

I think I'd rather trust my data with the password manager servers than a general place like Drop Box.

It shouldn't really matter because the database itself is (nearly always) encrypted with 256 bit encryption.

My bigger concern is, which is more likely to go down or even shutdown?

 

[criminal_bg]

ok, i guess another concern, because i'm reading the post in this thread, for those softwares that don't store your info in the cloud (because i'm not really a fan of the cloud myself) if the passwords are stored locally, what then happens if your device gets compromised??? i.e lost, stolen, or just dies??

would the suggestion be to make sure you have some sort of backup???

 

[Vince961]

I’ve been using Myki for a few years. I had started using it mainly because of the fact that they don’t store any data on the Cloud and allows me to attach 2FAs to my accounts. It doesn’t hurt that it’s also completely free (no restriction on basic features, number of devices, etc.). Their UI is also cool and keeps improving!

 

[DrDeutsch]

The first password manager I used (many years ago--I want to say around 2004) was Password Safe (I came across it as a reader of Bruce Schneier's newsletter/blog). I really liked it but stopped using it after switching from Windows to Linux for my daily driver in 2006. At that point there was no Linux port of Password Safe (although there is now since it became open source), so I switched to KeePass.

KeePass and KeePassXC work well for me because it's cross platform (I administer a lab with Linux, Windows, and Mac machines). And personally I prefer not to sync my password databases over an online service (I'm not knocking those who do--just my choice). I only use this database on my desktops & laptops, so keeping a master copy on my home desktop and using a USB drive to update my other machines (+ backup my database) isn't a big deal.

For my Pixel phone I've returned to Password Safe. It's not the same database that I use for KeePass. I don't keep very many passwords on my mobile (compared to my KeePass database)--just what I consider essential for travel and work. Password Safe on my Pixel works really easily with my NFC-enabled Yubikey (you have to set it up on a desktop or laptop already linked to your Yubikey, but it's not difficult to do). KeePass also works with the Yubikey.

Added bonus: both of these password managers are free and open source.

[NOTE: You cannot use either OTP or U2F with a Yubikey on either KeePass or Password Safe. Instead, there's a programmable slot on the Yubikey for setting up a challenge-response secret. It's not U2F, but it's enough of an extra security layer to make me comfortable having a password database on my mobile.]

 

[Scott337]

I use Keeper. It's not free, but reasonably priced. I Ike that I can sync passwords between my phone and my wife's phone. The UI is easy to use and has some customization options. I think it's $9.99 per year per device.

 

[Scott337]

You guys trust these password apps?

Yes, I do. I trust the one I use more than I trust Amazon, Google, Facebook, or any other big company that has my personal info.