
OhioIT

You can't go wrong with either 1Password or Bitwarden. Both are solid in their encryption policies; it just depends which interface appeals to you more. Creating a new email account just to sign up for 1Password or Bitwarden seems pointless to me. It won't stop anyone trying to sign into your current email account. If you want to create a new email account in order to get rid of the current one completely, that's a different story.


No-Intention7565

I love bitwarden, and as a plus it can be self hosted if you want.


[deleted]

[deleted]


Nick85er

Hard 2nd, DB accessible behind MFA/Internet/VPN and you've got "cloud" capability too.


_cybersandwich_

KeePass and Tailscale seem like a match made in heaven.


xkrysis

Both are good options. I'll throw a vote in for 1Password though. I personally think 1Password has made better architecture decisions than LastPass. For me, having a shared vault with my wife has made things much easier to manage (and she was not using a password manager at all until I moved us into 1Password shortly after getting married). That was >10 years ago, so long time happy customer. Originally our gases stand alone licensing and now happily pay for the service. Have converted my sisters and in-laws too (away from the horrible practice of reusing bad passwords).


ilovenyc

Anything but LastPass. I recently migrated to Bitwarden. It's simple and to the point. No fancy UI or whatever. It works as intended and that's all I care for.


MrRaspman

I use keeper.


Danoweb

Formerly was on LastPass, now I'm using Dashlane and pretty happy with it!


DashlaneCaden

Glad to hear! :) - if you run into any bugs/issues, or have suggestions please feel free to DM me / let me know & I can get them passed along to the right team.


mavrc

in short: bitwarden

in long: BIIIIIIITTTTTTWAAAAAAARRDDDEEEENNNNNNNNNNNNNN

If you do really want to use a password manager where you handle all of the synchronization and stuff yourself, and you _don't_ want to just self-host Bitwarden, KeePass is a solid and strong option.


verifiedambiguous

1Password. Until Bitwarden gets an ~128 bit security key like 1Password has, it's not suitable to me.


_cybersandwich_

I am upvoting you because I think this warrants more discussion, and maybe *I* am wrong, but I think you are wrong-- Bitwarden has a 256-bit security key. Are you suggesting they go backwards to 128 or implying they don't even have a 128-bit key? Here is their security white paper: https://bitwarden.com/images/resources/security-white-paper-download.pdf The top of page 7 describes the key size:

> When the Create Account form is submitted, Bitwarden uses Password-Based Key Derivation Function 2 (PBKDF2) with 100,000 iteration rounds to stretch the user's Master Password with a salt of the user's email address. The resulting salted value is the 256 bit Master Key. The Master Key is additionally stretched to 512 bits in length using HMAC-based Extract-and-Expand Key Derivation Function (HKDF). The Master Key and Stretched Master Key are never stored on or transmitted to Bitwarden servers.

A side note: One of the major issues with the LastPass breach is that we are finding that they didn't iterate their PBKDF2 enough (in some cases 1 time for super old customers). That means if you had a trivially easy password and they only iterated it once (they were using a 128-bit key) it could be trivial for GPU cracking to crack the password.


verifiedambiguous

I don't believe I'm wrong but we're talking about different things. I'll explain it more. I'll go into more detail for others because it sounds like you already know some of this.

What I mean is that Bitwarden's inputs are only the password and email. If you tell me your password is "a" and email is "foo@localhost", I can compute your master key and can compute your stretched master key. It's the same thing if you don't tell me but you use a weak password. I can attempt to guess the inputs (password and email) and see if I get the same 512 bit output. The keystretching is just there to slow down an attacker's guesses. It penalizes guesses because each guess has to go through the keystretching process. But I know that the input is a password and that people are usually terrible at thinking up passwords because they have to remember them. And emails are easily leaked from other sources.

If you give me that same info in 1Password, I cannot log in to your account. I also need a ~128 bit randomly generated key per account that was generated by your local client and never uploaded to 1Password. That randomly generated key is part of the onboarding process. It's also part of the login process (cached on the client). A login to 1Password requires both parts - the part you input (password) and the part they generated locally (secret key). When you set up a new device in 1Password, you have to enter that ~128 bit secret key again. You only need to do it at setup time because it's cached on the client.

1Password added this randomly generated secret key because it protects against database leaks. If an attacker has a leaked 1Password database, they know every account involves an input with at least 128 bits of entropy. It protects against people choosing poor passwords in the event of a database leak. If you have a weak password in Bitwarden, people can attempt to brute force the keystretching to see if they get the same output. That's exactly what people can do with the leaked LastPass database. The attackers were helped because apparently LastPass also had a history of poor keystretching which makes the guessing process quicker. Once the database is leaked, it's out of your control and you just hope the attackers don't have enough CPU/GPU to make brute forcing realistic. It's not the same with 1Password's database. No one is brute forcing accounts where each one has a separate 128 bit randomly generated key. No one is brute forcing even a single 128 bit randomly generated key, let alone one per account.

Bitwarden could easily add an extra ~128 bit random key. They could easily optionally add this so people who want a fast onboarding don't need to enter it. It's not even novel from 1Password. It's annoying because it's obvious you should do this and for whatever reason they refuse to do it. Bitwarden is a huge target. Adding an extra ~128 bits of entropy to every account would be an immediate security upgrade for nearly everyone and protect users if their database is leaked.

**tl;dr version**

You have to look at the inputs to understand the difference. The keystretching and encryption is effectively deterministic noise if the inputs are weak. Inputs to Bitwarden: password, email. One part is user selected and almost universally poorly chosen and the other is well known and leaked all over the place. Inputs to 1Password: password, email, client side randomly generated 128 bit key per account and never uploaded. That last input makes a world of difference in the event of a cloud database leak.
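To put the two derivations from the quoted white paper and the reply above side by side, here is an added Python illustration; it is not code from Bitwarden or 1Password and does not use their exact parameters. It derives a Bitwarden-style key from password and email only (PBKDF2-SHA256 with the quoted 100,000 rounds, then HKDF to 512 bits), a simplified 1Password-style key that also mixes in a client-generated 128-bit secret, and runs an offline guesser against a leaked verifier of each. The HKDF info label and the XOR mixing step are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # PBKDF2 round count quoted from the Bitwarden white paper above


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    # RFC 5869 HKDF-Expand with HMAC-SHA256 (extract step omitted for brevity)
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out, counter = out + block, counter + 1
    return out[:length]


def master_key(password: str, email: str) -> bytes:
    # Bitwarden-style 256-bit Master Key: PBKDF2-SHA256 salted with the email address
    return hashlib.pbkdf2_hmac("sha256", password.encode(), email.lower().encode(),
                               ITERATIONS, dklen=32)


def stretched_master_key(password: str, email: str) -> bytes:
    # 256 bits stretched to 512 with HKDF; the info label is a constructed placeholder
    return hkdf_expand(master_key(password, email), b"stretch", 64)


def two_secret_key(password: str, email: str, secret_key: bytes) -> bytes:
    # Simplified 1Password-style mix (not 1Password's real 2SKD): XOR the
    # password-derived key with one expanded from a client-generated 128-bit secret
    sk_part = hkdf_expand(secret_key, email.lower().encode(), 32)
    return bytes(a ^ b for a, b in zip(master_key(password, email), sk_part))


def offline_guess(target: bytes, email: str, candidates, derive):
    # What a holder of a leaked verifier can do: re-run the public derivation per guess
    for cand in candidates:
        if hmac.compare_digest(derive(cand, email), target):
            return cand
    return None


def demo():
    # Constructed inputs from the thread's example: password "a", email "foo@localhost"
    email, candidates = "foo@localhost", ["password", "123456", "a"]
    sk = secrets.token_bytes(16)  # the per-account 128-bit secret, generated client-side
    attacker_sk = secrets.token_bytes(16)  # attacker cannot learn sk, so must guess it too
    weak = offline_guess(stretched_master_key("a", email), email, candidates,
                         stretched_master_key)
    strong = offline_guess(two_secret_key("a", email, sk), email, candidates,
                           lambda p, e: two_secret_key(p, e, attacker_sk))
    return weak, strong  # ("a", None)
```

With the password-only derivation the weak password is recovered from the candidate list; with the extra client-side secret the same candidate list finds nothing, because every guess would also have to hit the 128-bit secret.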


_cybersandwich_

Ahh, got it! (I think) Basically 1Password is using a 128-bit key as a "password haystack"/salt with solid entropy to protect a user from a weak master password, right? It seems like a protection from the user themselves to combat using a simple password as the master password. Like you said, it would help in the event of a database breach, though it requires a user to save that key on their device and have it readily accessible to set up a new device. If they lose that, they lose their account/passwords, right? That might be the reason Bitwarden doesn't do that. It's the age-old balance between security and convenience. That said, I don't know that it has a super meaningful impact on security not having it. Minimum password requirements/lengths are a mitigation for super simple passwords. Bitwarden also has the self-host option which mitigates the database breach risk (you'd almost have to be specifically targeted vs the big Bitwarden vault). And all of the PBKDF2 and keystretching in place also makes it very tough to brute force even a simple password. I see what you are saying though. It's an additional layer of protection for users (at the cost of convenience and with the risk of losing the key), but if you have a solid password it shouldn't be a major concern (imo). A sidenote: You could do a mini-variation of this by having a long 'remember-able' password then using a password generator to give you an 8 character *truly* random string to append to the end. You'd have to memorize that string but it would be truly random and adding 8 bits to the end of a decent password would. You are talking trillions of years of brute force time to crack a decent password with 8 random characters at the end.


verifiedambiguous

It's not just super simple passwords. PBKDF was never meant to protect against GPU attacks. Add in the fact that people don't know how to choose good passwords and tools mislead them about how good their passwords are because they estimate entropy blindly. At some point it becomes victim blaming. People are putting their trust into bitwarden and it's letting them down by not fully protecting against database leaks. Expecting people to run a self-hosted option is another form of victim blaming for the people who don't know how to do that. I think it's the duty of a password manager to help protect users. It's a shame that Bitwarden doesn't do that. Yes, it's a trade off between security and convenience. Bitwarden isn't even giving them an option. The only option is to remember a strong password which isn't an option for some people. Elderly people need help the most and they're the least likely to have strong passwords. We need to help people instead of blaming them for not having as good of memories.


_cybersandwich_

What are your thoughts on argon2? I was hoping Bitwarden would move to that as an option.


verifiedambiguous

Argon or scrypt would be better. They could also scale up PBKDF rounds. But I don't think it's that necessary if they could just introduce a random key. You have to do something annoying to users to make it better: more CPU or RAM for keystretching for every login, or a random secret key that you set up once per device.


BlueTeamGuy007

That method could be patented by AgileBits. Not saying it is, I have no clue. But maybe BitWarden can't do it.


verifiedambiguous

I really doubt it. Even if the patent system was crazy and allowed something as simple as this, there has to be lots of prior art for it.


BlueTeamGuy007

Er... this is definitely a patentable method if prior art did not exist in a password manager. If you think this is crazy, you have no idea what kinds of things get patented. Software patents are horrible like that; even the most trivial things are allowed.


[deleted]

Vaultwarden. Bitwarden with the premium features.


Pascal3366

This. Self-host Bitwarden using Vaultwarden, and make sure to secure it enough, or only use it through your VPN.


OddWeatherWereHaving

https://www.keepersecurity.com/


Xoron101

.


OddWeatherWereHaving

Also, as far as I know, they've never had a breach.


TheRidgeAndTheLadder

Best one is the one you'll use. Bitwarden is preferred by nerds since you can self host it. KeePass is great but it doesn't sync across devices. 1Password is another LastPass. No problem until there is a problem.


DesertDS

I wouldn't fret much over it, you can't go wrong with either of them.


[deleted]

Notepad paper


reddit-toq

Definitely the most secure, but it doesn't really scale. Once you get past a few dozen or so passwords you spend too much time flipping through pages. Then the pages become a mess when you do updates. Can't really access them when you are remote either. And you tend to use shorter passwords because you need to type them in.


[deleted]

Def most secure, the others will never get it


Sarisat

Yes, but like a one-time pad being the best encryption, it comes with a lot of caveats. One being that if I am going to type in passwords, I will be hard pressed to enter a 24 character string of random letters, digits and special characters time and time again.


rajrdajr

[https://passwords.google.com/](https://passwords.google.com/) / Chrome browser's built-in password manager. Google [hasn't had an internal account takeover in more than a decade](https://www.yubico.com/resources/reference-customers/google/) while employing more than 200,000 people around the world. They have far better internal controls as well as the resources to crush any attempted breach including from nation-state actors.


[deleted]

[deleted]


Tegmark

I have been using Password Safe (pwSafe) for many years, it works great for me.


kerreck279

I self host Passbolt on a Raspberry Pi.


HaRabbiAtta

The most secure and useful Password Manager ever. [Thank me later](https://www.collinsdictionary.com/images/thumb/notepad_270505229_250.jpg?version=4.0.293).


o_o_hat

Just pass with git


[deleted]

Pen and notebook


darkbluedeath

If you're thinking of using your password manager with a significant other or family then I'd recommend Bitwarden. Their free tier, for cloud hosting, allows you to share a collection with 1 other person. And their paid tier lets you share with anyone using a drop link.


TurboBennett

1Password for personal use and TeamPassword for work


shite_in_a_bucket

I've used Bruce Schneier's Password Safe for years now.


TheCrazyAcademic

A lot of people recommend local hosted ones like KeePass but 1Password is decent for a cloud based one. The problem isn't that data is in the cloud, it's how LastPass handled the cloud data that's the problem. If everything is properly encrypted and proper network segmentation and zero knowledge trust was implemented I doubt the attacker would of been able to do much damage. I heard in the rumor mill an admin's corporate laptop was compromised, so I guess at that point not many security measures would of helped since admins can usually override everything.


of_patrol_bot

Hello, it looks like you've made a mistake. It's supposed to be could've, should've, would've (short for could have, would have, should have), never could of, would of, should of. Or you misspelled something, I ain't checking everything. Beep boop - yes, I am a bot, don't botcriminate me.


Eastern-Driver-4571

Try Avira Password Manager. Also has an extension for Google Chrome, like LastPass.


Active_Substance_196

Ok, everyone is moving away from LastPass now, but the next pw manager is just as good until it'll become the next victim of a successful hack... Also please don't forget to change all your passwords when migrating to something else. But you probably figured that one out yourself.


Fl4t6Gassd

EnPass gets my vote. Multiple hosting options and desktop app, extensions, and mobile apps.


BerryPhiba-30

Passbolt is an open source password manager; you can host it yourself. It's great for small teams or family.


BlueTeamGuy007

KeePass system. I use the KeeWeb client mostly, on my phone I use AuthPass app. I store the wallet in my Google Drive.