On 2021/02/17 at 06:51am, Dale wrote: > I simply googled for 'alternatives to Lastpass' and Bitwarden was one of > a few that came up. Several links were articles comparing the two. If > a person doesn't like what Lastpass is doing, it won't take much to find > other password managers. They may pick something besides Bitwarden but > still, they have the option of switching.
I recently switched from LastPass to Bitwarden and this is exactly what I did. Many articles rated both highly, making me feel better about Bitwarden. I also liked that it is open source AND more affordable. I wish I could run my own server, but my security-foo is not strong enough to risk exposing not only my computer, but my passwords to the entire internet. However, there is another option that I've not seen anyone mention (apologies if I missed it): use local password manager (such as the excellent KeePassXC) for financial / very important sites, and an in-browser, Internet-connected manager for general sites of little consequence (like Slashdot, for example). I personally keep everything in KeePassXC and a subset of frequently used, non-financial sites in Bitwarden. I'm much more likely to log into a news site or perhaps even a shopping site from various computer. But, banking sites or other financial sites? ONLY from my Gentoo computer, because I am most confident of its security. Similarly, use different browsers for different purposes. I use Firefox for daily browsing, with hardcore security installed (ublock matrix, for example). Google Chrome is only for Google sites. Another browser is for banking and other shopping. Still has strong security, but not as strong because, at least for me, that tends to break those sites. Also, this browser only ever goes to those sites. In short, I guess I'm saying there is no need for either / or thinking. There are lots of ways to approach security. > I logged into my credit card on my cell phone, about the only thing I > use on my cell phone anyway, it worked OK once I figured out how to > get it to fill the info in. I might add, Lastpass has issues with > that site as well. If I didn't know better, I'd think the website > tries to prevent people from using a password manager. I agree - sites should be encouraging password managers, not discouraging them. I forget which site is was, but I had to deal with one that somehow disabled copy and paste (even with middle mouse button) in the password set up / change field. I used pwgen to make a 25 character random password and then had to type the monster into the site, twice! I'm sure most other people (less careful types) would just have switched to an easier password. Luckily / Oddly, the site did allow pasting into the password field for regular log in. -- Chris Spackman (he / him) ch...@osugisakae.com ESL Coordinator The Graham Family of Schools ESL Instructor Columbus State Community College Japan Exchange and Teaching Program Wajima, Ishikawa 1995-1998 Linux user since 1998 Linux User #137532
