Okay so yesterday, I changed my password as a precaution because of the hack, and just now I decided to clean my browser tabs and re login and almost forgot my password. I'm done dealing with passwords.
What password manager do you recommend?
Features I’m looking for:
- Open Source
- Can be synced to cloud (I don’t want to self-host)
- Can be accessed via a browser
- Cross platform, the more platforms, the better
- End to End Encrypted, and Encrypted at rest on my device, also need some way to authenticate before releasing the password, like a pin or biometrics
- Autofill for browser and apps
- Free (can be a freemium model, but I need the base tier to be free, too broke to spend money on this lol)
- Can export the passwords to a file
I never used a password manager before so sorry if I seem like a noob.
I know I could google it, but I want the latest info, not some outdated Reddit post.
Edit: Woah, those replies are fast. I think I'll use Bitwarden. Thanks for recommendations! Now I don't need to worry about forgetting passwords anymore. 😄
Edit 2: It seems I've forgotten my email password as well as a few other accounts I haven't logged into for a while. Damn, should've used a password manager earlier.
Bitwarden checks all the boxes. I've had great experience with it. https://bitwarden.com/
I will say, auto-fill on load is a bad idea. On desktop I keep my auto-fill bound to a key so it doesn't actually end up in fields it shouldn't be.
2FA is locked behind the $10/year premium if that's something you wanted, but beyond that the free plan has everything 99% of people will use. They do third party security audits, have public white papers, and are completely open source.
Yet another vote for Bitwarden.
I love that you can access your stuff through a browser without installing anything, I need that sometimes on my work pc where I cannot install anything.
Bitwarden, hands down. Been using them for like 7 years now? Have got nearly 300 accounts in the password manager, and it is fully free. Haven't paid a single penny to them. Autofill is possible, on both Android and web browser, although you'll have to set it up through an extension.
Fully cross-platform. Used it on Linux, Windows, macOS, iOS, iPadOS, Android. You can access it via a browser, it is open source and is hosted by Bitwarden if you want to.
One more point on Bitwarden - when the top password managers were being hacked/exploited, Bitwarden was keen to fix what appeared to be vulnerabilities in an extremely timely manner. I don't remember where I read the article but it still fared best out of all the other managers out there.
Both are open-source, multi-platform, and free. Bitwarden does have additional paid tiers to include support for things like OTPs. I used to use KeePass but got tired of manually syncing my database; if that's not a problem for you then it's a great choice.
I've been using KeePass since the dawn of time. There are now other good options too, but I haven't seen any compelling reason to switch. It does everything I need both securely and well.
Last year I tried (and paid) 1Password.
For the past 6 months I've been using Bitwarden and it's really good. I find 1Password's UI better but if we consider the cost it's better to stay with Bitwarden.
After 2 years of ignoring the fact that I use a duplicate password in over 100 places, and that password has officially been in breaches, I finally came to terms with the fact that it was time to find a password manager and generate unique passwords. I didn't do a ton of research and ended up with Bitwarden. If I opened this thread to see a bunch of people ragging on Bitwarden I was prepared to be VERY upset.
It’s been a long time since I switched to 1Password, but I used to use KeePass. I’m not sure whether KeePass has a browser extension, but otherwise (if I recall) it checks your other boxes.
1Password is great, even though it’s not open source, and you get to a spot in life where $3/mo is feasible.
Definitely Bitwarden, but there’s also a new product from Proton called Proton Pass. It works similarly to Bitwarden, but a few features are still missing.
KeePass all the way. Checks all the boxes. Access via browser: If you have a Nextcloud instance, there's an NC add-on to open kdbx files in the browser.
re: Bitwarden
I tried it and it wasn't sufficient for me. Is it now possible to also store and generate TOTPs? Can you store SSH keys and retrieve them directly from the password storage?
Bitwarden would be a good fit for what you are looking for, especially the cross-platform aspect. Keepass-derived solutions typically require trusting multiple developers, whereas Bitwarden is developed and maintained by a single team.
Thanks for this! I have been using iCloud Keychain for a while and was generally satisfied. However, it wasn’t until I recently switched from desktop Safari to Arc that I considered a third party password manager, but was stuck in decision paralysis.
Given the overwhelming responses in this post, Bitwarden it is!
I've been using Google's password manager mainly for convenience but had been looking to switch for a while, this thread made up my mind to switch to Bitwarden!
Been using 1Password since 2010. I tried Bitwarden a few years ago just because of the price. In theory it ticks all boxes but it was a pain to use. It does not flow like 1P, some things did not work the way I expected and it looks like shit. Don't ask for details because I forgot. So I switched back. The new design of 1Password made it a little worse but it's still great and the integration into iOS and macOS is amazing.
I like the Password for Nextcloud app. I self-host mine, but I think there might be Nextcloud instances that you can access. It is encrypted, and has an app for smartphones.
For important things KeePass (which I sync in OneDrive).
For casual things whatever the browser offers... or some random long password and password reset ._.
As others say, Bitwarden checks all of those boxes, and KeePassXC technically doesn't fit the "not self hosted" requirement, but you can store your database file in any cloud storage you want.
If you're going through all your sites changing passwords maybe take a look at http://simplelogin.io to also hide your email address. Some sites block you, which is ridiculous, but for the majority of sites it's a good idea.
My brain.
Comes up with the whackiest excuses for why this-and-that password would be a great choice and how easy it would be to remember, only to later explain to me rationally why it was the wrong choice and how I should've known I'd forget it.
Then again, that's just extra security. If it's only stored in my internal memory and even I can't remember it, no one else is getting in for sure.
Self-hosted or not, you can also make KeePassXC portable with a USB drive.
Here is an old thread from Reddit explaining how to do it:
Dude.... KeePassXC has portables for Linux, there is no need to mess with Wine or Mono. As long as you have both portable versions of KeePassXC, you will not have a problem. You can totally have your database sync between OSs.
For Linux, just get the AppImage for the portable.
For Windows, get the Portable ZIP archive.
Shove them both into a USB, you have KeePassXC portable for both OSs on a stick.
pass would meet your requirements. It is a super simple implementation of a password manager leveraging PGP for encryption and git for syncing. You can therefore use any git server for syncing. There are browser extensions for autofill etc. and scripts to import/export passwords etc.
I self-host Bitwarden currently, but have been playing with the idea of using Vaultwarden instead, just haven’t gotten around to uprooting my working system.
I use LastPass because my company pays for it, I also export to all of my browsers because LastPass doesn't fill or save passwords right on some sites and the browser auto fill works better. Sometimes that means I have to search a bit for the right password for an account, but the system works and I haven't had a compromised password that was my fault in a long time since I use autogenerated passwords. As always 2FA the important accounts.