A reliable password manager

[Mollyp]

I'm in search of a reliable password manager.

 

[plodr]

https://www.pcmag.com/picks/the-best-password-managers

 

[Firehammer]

Hi, @Mollyp I would recommend Lastpass Password Manager.

 

[Couriant]

I have used Dashlane in the pass and that was good but the free version was limited. LastPass is what use now, including using their 2FA program.

 

[Rudy2206]

Been using Dashlane for years. If a technical or other glitch comes up you can chat with Dashlane assistance Mon.-Fri. They are very helpful and some of the most respectful agents I have met with any software tech help. I highly recommend it.

 

[DaveA]

I trust no one with my passwords. I use a plain text file on a thumb drive and I keep in my pocket.
Being plain text, it can be opened using any plain text program on any OS.

Note edit:
My wife knows where she can get it and use it if needed even if I was to die.

 

[plodr]

I too don't want my passwords stored in the cloud. When I traveled, I carried a stick with my passwords. I can zip the file and password protect it. Then all I need is 1 password to open the file containing my password.

I use a different password for every site, email, etc.

 

[BudParker]

Hi, @Mollyp I would recommend Lastpass Password Manager.

I have used the completely free version of LastPass for many years without any problems whatsoever.

 

[zebanovich]

pwsafe has long history of being around and it has been audited by professionals many times over.
Password Safe (pwsafe.org)

The best feature (if you configure it that way), is that the file can't be bruteforced.

 

[DaveA]

What does one do when there is NOT internet access to the password program?

 

[zebanovich]

You don't need internet access for pwsafe.

It can be installed regularly (using registry for all users), or "green" (suitable for thumb drive) in which case plugging the USB to any computer would ask you for master password to decrypt the file.

 

[DaveA]

Then, how does it work if you are on a strange machine (some one else's) and need your password list?

 

[zebanovich]

When you plug in your USB, then you double click the executable on USB and it will ask you to unlock database with master password.

The database (a file with passwords) is protected from attacks and malware by design.
If you believe the target machine is infected, ex. with keylogger, the pwsafe has auto type feature, which doesn't require you to copy password into memory nor it requires you to type it into browser or anywhere else, you just right click your password entry and hit "Auto type"

And username/password is auto typed into online form and automatically logs you in.
If the browser is infected or if you visit a phishing site that could be a problem, that's why I would not use it on untrusted computers.

Good thing is that if you lose you USB drive, who ever finds it will not be able to steal your passwords.
Brute forcing is not possible because you can configure "unlock difficulty" which takes time to try another password if wrong one is typed, resulting in many years before the attack would succeed.