Jun 5, 2016
Any recommendations on a password manager system?
I know it is highly recommended to not use the same password for everything. I have so many different online accounts, it has become difficult to create new passwords that are strong enough and not repeated. I know there are password managers to help with this, but I don't recognize any of the brands. Is anyone using a easily manageable and secure password manager they would recommend?
Expert Answers
Sort by Date
Sort by Votes
Jun 6, 2016
+1 for LastPass. Excellent reputation for security - their technical architecture is such that employees cannot decrypt your passwords, even if they wanted to. Also easy integrations with browsers and mobile apps.
Example incident on LastPass, links below. This gives you a good idea about how safe/vulnerable you are using a password manager like LastPass, and their tech held-up pretty well under the circumstances.
Wired Article: https://www.wired.com/2015/06/hack-brief-password-manager-lastpass-got-breached-hard/
Official Response: https://blog.lastpass.com/2015/06/lastpass-security-notice.html/
If you use _any_ password manager, make sure that you use a strong master password and ideally use two-factor authentication (code-generator, SMS, etc) - make sure that your password manager supports two-factor auth.
Jun 6, 2016
Jun 7, 2016
We use LastPass too and like it very much. It's free for the desktop but it costs $12/yr for your phone/tablet. It syncs passwords between them so you are never out of sync.
Jun 7, 2016
Those are great points Lorelyn and Bob. Thanks.
Jun 5, 2016
I've been usinig Roboform for years and love it and highly recommend it. Lastpass is also excellent.
Jun 5, 2016
It may be best for you (or in consultation with your trusted IT guru) develop your own passworded / encrypted process or place to store your passwords. It is risky to use a popular solution to do this, as it could be increasing your chance of being hacked if more people know about it.
Jun 6, 2016
I had checked out a few in the past and found LastPass to be the best. Just make sure to make a strong password that no one can guess.
Jun 6, 2016
I have used Keepass2 (formerly keepassX) for the past decade. It has really worked for me. As a system engineer I maintain various accounts at work, plus the many accounts internet I access via the internet.
Keepass is quite secure, is updated regularly and allows me to synchronize password files kept on a different location, as well as access it via a URL (if stored on internet-accessible storage, such as dropbox or GoogleDrive). It also supports password to open the database itself as well as a plethora of security configurable security measures.
It was designed for and is best run on Windows. I successfully run it on Ubuntu and Centos Linux, IOS and Android. On some platform the client might not support he URL connection method, in which case one has to copy the file and open locally. That can be gotten around using a dropbox client (or one like it) and opening the local file as it will get sync'ed automagically.
I have found it to be very reliable. I do not trust the browser based solutions as they have proven to have security holes -- not too long ago at that.
oh, and it's open source too!
Jun 6, 2016
I have used 1Password ever since the Heartbleed virus surfaced. It has been an excellent solution for managing my passwords. It works across devices and cross-platform. It's easily accessible for filling logins on sites via a 1Password icon at the top your browser. Their support has proven to be helpful and effective whenever I've had a problem.
Jun 6, 2016
I use lastpass for my laptop and my cell phone and it works perfectly. Since I started using it, I have 16 digit random passwords for each account and I don't worry about passwords residing on my laptop or cell phone anymore. Everything is encrypted.
Jun 6, 2016
I'm a big fan of a software called 1Password. Works great on a wide range of devices and browsers.
Same here Ed. Been using Lastpass for years now.
Password managers are safe. What I do is I make it a practice to change the master password every month and no sharing of laptops/tablets/desktop computer.
Hope this helps.