have being using Enpass for a long time, it’s really good, you can choose any cloud provider or host your vault yourself, subscription based payment or one time only
I am also using Enpass since a decade or so and never had the urge to switch to another provider. Everything works, you got all the features (TOTP, pawned password auto-checks, native apps and autofill, storage of other things than passwords; …) and pricing is still very reasonable.
It can be fully used offline too (with WiFi sync) or with any local storage or online cloud option.
I bought it one time back then but still pay the small subscription fee since I don’t want Enpass to go away.
15 years ago the common logic was the most likely way for a password to get stolen is by writing it down and leaving it in an accessible spot, and somebody stealing the password there.
I don’t think that logic holds anymore, and with the LastPass breach I think that’s proof you want to step away from the cloud not towards it. Imo the most secure way to store passwords is to generate multiple random codes, use a portion of each and then just write those down.
You can also use a password manager that’s not connected to a cloud. Or an encrypted usb stick. The problem with writing it on paper is, that people tend to use too short passwords or repeated passphrases. Using a really long master key and a key file with an encrypted database is safer than a cloud.
Quick question - any issue with just saving passwords on Firefox? I use FF across all my devices and the sync between them without the need of an extra app is super convenient.
Or am I just being naive?
On Desktop you should set a Primary Password , then it is very secure.
https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas
Wow, so 1Password is not recommended anymore? How come? I’ve been using them for years.
Possibly because it is not open source and doesn’t have anything to offer that the other recommendations do not.
Ya I think so. These are always tech articles and Foss software is always a big feature.
But 1password has on going audits and a sane ui and mobile apps that pass the boomer-parent test. Canadian company too which is nice given the US centric tech world.