It looks like lastpass is going to start charging users for multi-device acces. Not a huge deal b.c. it’s something like $25 a year. But it made me think maybe it’s good to look at other options out there. Wondering if anyone out there uses any other password managers that work well on mobile and desktop. preferably with plugins!
Unpopular opinion but we should want to pay for services like these, not insist on getting them free. Last thing you want is a cross-device tracking platform funding itself using the alternative: sale of user data. Free services aren’t free. I think jumping ship when privacy companies say they need to start charging for services will push things in the opposite direction of user privacy.
7 Likes
I agree i’ll probably end up purchasing the multi user tier they offer to get the fam on it as well. I may have worded that weird, im not looking for cheaper options perse just other options. I’ve used lastpass for years and have no problem kicking them some $. I thought i had already at some point the ability to share my accounts with employees? but idr
Regardless was just seeing what everyone else was using. Doing a lot of cleaning up and consolidating this week so it wouldn’t be a bad time to switch platforms if there is something better available
How about just remembering passwords ? It’s free
Firefox remembers pw and you can have it on phone & pc etc
Lol my passwords are usually along the lines of J7us6V!dna*4ghal0H not really able to remember them. Especially if you change them frequently
2 Likes
I can also agree that 99% of the time if you are getting a service for free, you are the one being taken advantage of.
I use KeepassXC on the computer and KeepassDX on the phone. These are both open source, and you alone are responsible for the database. There is a firefox plugin. I use NextCloud/syncthing/rsync to sync the database between various devices.
It is not a fluid solution. At the end of the day you might just do FireFox Sync which is a free service that also remembers all your bookmarks and stuff. They do keep user data like where and who you are but all the actual stuff is encrypted like passwords and browsing history.
5 Likes
YES!!
Nothing is free, in this case you are paying with your personal information in some way.
It’s free if you use easily compromised passwords lol
I don’t sell your user data. No adverts that track you. Not asking for money…
Sometimes, good things happen.
2 Likes
True that!!
I should clarify that 99% of free things are not actually free. But I’m happy this place is the 1%
I just use iCloud Keychain.
It’s obviously locked into the Apple ecosystem, but for me that’s ok because I’ll be using it for the foreseeable future (especially with these new ARM chips). If the need arises, there are migration tools to other popular password managers.
It’s free, secure, and seemlessly integrates with my devices.
Here’s my proposed idea for a way to create uncrackable passwords without having to write them down or use a third party/password manager. The idea is every password will be unique to every site you visit but you won’t actually need to remember what each one is. Just how you came up with the password.
Create a “formula” based off the name and characters of that site. Use this formula for every website.
Using “future4200” as an example:
Formula could go like this. This is just to get the idea across. Idea is you use the same “formula” for every different password and only you know the formula.
- For the letter requirements in a password, do something simple and easy to remember like the name of the site backwards. So password would start like this:
erutuf
- Then add “modifiers” to fit site’s password requirements and add layers of security. Insert a random rule like “always capitalize the second vowel in the password” or always replace first and last letter.
So we’d be at this:
erUtuf
- To fulfill number requirements, add a number modifier like “count number of characters in website name (10) and add that to the end”. (Or just pick your favorite number and use it in all of them. As long as the rest of it is different you’ll be fine) So you’d have:
erUtuf10
- For sites that require a symbol, just use the same symbol on every password but put it somewhere strategic (such as before your number modifier).
erUtuf?10
So it would go:
- Name of website backwards.
- Second vowel capitalized.
- Question mark.
- Then a number (ie number of characters in that websites name).
Then if you really want to add security you can make your password double or triplicate of that same string. This is helpful when sites force you to make a new one every few months or sites that require longer passwords. For example:
eRutuf?10erUtuf?10
Facebook password using this formula would be:
koObecaf?8
This concept won’t make sense to a lot of people but for those who are privacy conscious I think having a universal domain-formula to create passwords is very easy once you remember it. The idea is you don’t need to remember your passwords you just remember 3-4 things (which is actually a lot easier than remembering 50+ passwords in this day and age). Two sites will never be able to have the same password and it would be uncrackable by most modern technological standards. You can make it simple if you want. Just do like “name of site backwards + your moms birth date”. Whatever your brain can remember is better than the same simplistic password across multiple platforms.
Just something to think about. It’s a lot a lot easier than it sounds once you remember your 3-4 steps. I don’t think people realize the growing importance of cyber security so any way you can make your passwords all more complex and most importantly different on every platform, the better off you will be. Your password only needs to be more complex than the next guy.
2 Likes
Cept you need to change passwords frequently to have good security practices. I’m with @sidco on this one. Keepass is the tits. All of my passwords are really long strings, all autogenerated by keepass
2 Likes
If you have money and will pay for usability, pay for lastpass yearly.
If you have no money and want some usability, choose keepass.
If you have no money and want to know what 1986 tastes like, use a password matrix similar to Your PasswordCard - 6,749 printed so far!.
Obligatory CorrectHorseBatteryStapler for all other inquiries.
2 Likes
Yeah I ended up staying with lastpass. Well worth the couple bucks a year for multiple devices
Personally I find the idea of trusting random nameless people with my credential sets to be terrifying.
And the inability to read source code means I must assume it’s backdoored
Just insert a modifier number in the middle. First time you make the password it’s 1, second time you change it it’s 2, third time it’s 3. So then when you don’t remember how many times you have changed it for that site you just go through a few tries and get it right. Or just add a character at the end. First time you do no character add-on. When they force you to change it, add a $ sign. Down the line when you change it again, switch to $$, then $$$ and so on. So if you’re unsure of how long you’ve been using a site you’re only really guessing by how many dollar signs you’ve added. I’ve never had a site flag a password as too similar to a previous one because you’re never actually using any recognizable words so to a bot it appears as just random characters.
I know it sounds complicated at first but it becomes second nature once you try it. You’re performing the same thought process for every password, every login. It’s just like an extremely basic algebra problem and the inputs are the name of the website + a couple “modifier” rules that you arbitrarily made for added security and versatility. You can make it as simple of a system as you want and your variety of passwords is still going to be stronger than 99% of the other logins on a breached email list. That’s all that matters. Cracking passwords is looked at by length of time it would take to crack… you just need all of yours to take longer than the other guy.
I am skeptical of handing over passwords to a third party and definitely would never trust a free one. The more people using it, the bigger the target becomes. I don’t see why I’d use one when I can yield the same effect for free without putting my trust in a third party service.