Keepass does a pretty decent job. I have keepassXC on my Windows, Debian and Android devices. On Android it’s integrated into the phone(and the autofill service if actual 2fa isn’t supported on the app) so it works on every application. With IOS though I know they can be a stickler on anything remotely technical so I’m not sure if something similar exists with it. I also use syncthing as the service to make sure the same copy of the database is on each device to prevent having to use a password manager that requires a subscription for a cloud service, this also minimizes my risk factor of a cloud service being compromised.
Comment on God ****** dammit, here we go again
realitista@lemmus.org 3 weeks agoWhich one works on all browsers including mobile safari and mobile Firefox?
Pika@sh.itjust.works 3 weeks ago
haulyard@lemmy.world 3 weeks ago
Heard great things about bitwarden. I’ve personally been using 1Password for over a decade.
thenoirwolfess@lemmynsfw.com 3 weeks ago
I’ve heard great things about Bitwarden, Vaultwarden, 1Password and Keepass, although the latter may fall out of preference rapidly. Some also recommend the Apple Cloud key storage. Call me a stickler but I haven’t trusted Apple security since the Fappening, even if it was the victims’ fault for not using 2FA
CrazyLikeGollum@lemmy.world 3 weeks ago
For mobile safari Bitwarden (and I think a number of others, but Bitwarden’s the only one I can speak to) ties into Apple’s password management system for autofill and password generation. Still have to use the app or webpage (either Bitwarden’s official site or self-hosted vaultwarden) for more in depth management.
For mobile Firefox, on iOS it’s the same as Safari. On Android you can either use the Bitwarden add-on or use it with the app and Android’s built-in password management system just like on iOS.
Since you mentioned “all browsers” for chrome/chromium based browsers there is also on add-on for both mobile and desktop. For Internet Explorer and pre-chrome Edge I don’t believe there’s an add-on but it can still work, it’ll just be more of a pain since you autofill either won’t work or will be spotty. You’ll probably be relying on the standalone desktop app.
On MacOS it integrates with Apple’s password management, so no need for an add-on on desktop safari.
For other browsers, you’ll probably have to use the desktop app and manually copy/paste just like for IE.
I also remember seeing some third-party integration for the windows terminal app and various Linux terminals, but I can’t really speak to their quality or functionality since I haven’t used them. But that would probably cover your needs for terminal based browsers like Lynx.
realitista@lemmus.org 3 weeks ago
Thank you! You may have finally convinced me to go this directions
I assume Firefox desktop is also supported on Windows and Mac?
CrazyLikeGollum@lemmy.world 3 weeks ago
There’s an add-on for the browser for both, but on Mac, the desktop app is what integrates with the system wide password manager. I don’t know if desktop Firefox is integrated into that, so you may need both the add-on and desktop app to get the same systemwide functionality.
On Windows it’s worth having both the browser add-on and desktop app installed as well, since the browser add-on only works in browser but the desktop app, while somewhat hit or miss whether or not it works with any specific application, is supposed to provide autofill/generation capabilities anywhere you have username/password field.
BombOmOm@lemmy.world 3 weeks ago
I’m a big fan of the Keep It Simple method, and went with Password Safe. Works on Linux, Windows, iOS, and Android. It’s big thing is it just makes an encrypted password file which then you can sync between devices however you like (Box, Dropbox, etc)
Which one works on all browsers including mobile safari and mobile Firefox?
It has an auto-type and copy feature, so no need for browser support.
ImgurRefugee114@reddthat.com 3 weeks ago
Something to keep in mind about not using browser integrations is that you can fall victim to simple keyloggers and clipboard stealers. But using an extension can also be a weakpoint if it autopopulates incorrectly or on a compromised site; but that’s far less common.
But, dear readers, don’t let that dissuade you: even a text file in a veracrypt volume is better than “PurpleElephant1994”
u_u@lemmy.dbzer0.com 3 weeks ago
I would dare say PurpleElephant1994 is already much better than most passwords people have been willingly tell me.
anguo@piefed.ca 3 weeks ago
I recently found out a family member’s passwords are things like “1100011”, “1111000” and similar variations. It’s like they’re already using binary to give a helping boost to brute-forcing bots.
JohnEdwa@sopuli.xyz 3 weeks ago
In theory auto-population is way more likely to save you from getting scammed because it won’t do it for a fake site, as the URL doesn’t match. In practice though most people are just going to be annoyed it didn’t work and do it manually anyway before they realize why it didn’t work.
AbidanYre@lemmy.world 3 weeks ago
Autopopulate is probably less likely to mistake I and l or O and 0 in a fake site though.
wreckedcarzz@lemmy.world 3 weeks ago
One second, let me just
PurpleElephant1994!
Aetherion@lemmy.world 3 weeks ago
Bitwarden
stealth_cookies@lemmy.ca 3 weeks ago
Not an iOS user and it certainly seems like something they would be behind on, but with Android every password manager with a Android app will work since the hooks are built directly into Android. Other than websites and apps that don’t implement passwords properly it works pretty well.
paraphrand@lemmy.world 3 weeks ago
Keychain should work in both now. (iCloud passwords)
Miaou@jlai.lu 3 weeks ago
If there’s one thing I’ve always been wary of, it’s the password manager browser extensions. And I’ve been proven right. Don’t be lazy, it takes 30 extra seconds to do it manually.
Pishing detection is nice though, I’ll admit.
sugar_in_your_tea@sh.itjust.works 3 weeks ago
There are two major threats to a password manager:
- Breach - if the server doesn’t store the key and data is encrypted, they’ll have to break the crypto
- Client - if the client can be compromised, they can intercept password entry
The second is much harder to mitigate, but also much harder for an attacker to pull off since they need to compromise the update delivery chain.
sc2pirate@lemmy.world 3 weeks ago
Bitwarden has been good for me, but I actually don’t know about safari…
nocturne@slrpnk.net 3 weeks ago
It works with Safari. I use both Bitwarden and mobile/desktop Safari.
realitista@lemmus.org 3 weeks ago
Thank you for actually answering the question.
nocturne@slrpnk.net 3 weeks ago
On mobile, Bitwarden is an app that fills login/password info into your browser.