Password Manager Linux - Opinion


#1

Alright, I need a password manager for Linux. I’ve done a search and built a poll of the options. Shy of that I have no idea what any of them are. If you’d be so kind as to select from the poll below or suggest something else, I’d appreciate it.

  • Gnome Keyring / KWallet
  • Encryptr
  • LastPass
  • Pass
  • Enpass
  • KeePassX
  • UPM
  • FPM2



#2

two bastards vote on the same shit making it equal …
do I need a round two for narrowing of options? :stuck_out_tongue_winking_eye:

thanks though, just messing - appreciate it.
Kinda just wanted to play with a poll - I’m already familiar with Keep ASS so I planned on defaulting to that if nobody had input.


#3

Correction, two votes one Bastard.


#4

Sorry - I couldn’t resist:


#5

I like LastPass a good bit but you have to be comfortable with all your passwords on the cloud.

KeePass is great but then I end up with 4 copies of my password database on various devices I need to consolidate and figure out which one is the correct password.

I’m not organized enough for this or I need tools to merge all my copies of the passwords.

That’s my take.


#6

You can, for example, automatically synchronize the password files via Dropbox or Nextcloud.


#7

I prefer Pass. You can sync your passwords with git. And then you just need to sync your gpg key with your devices.


#8

Sure, but at that point… I would much rather use something like lastkeep. I would trust their security measures more than Dropbox. The whole advantage of lastkeep is that nobody has your ‘database’ but you. The downside is… you need to manually copy passwords around.

My personal preference is LastPass but you’re definitely taking a risk by trusting someone else to have all your credentials and hoping they won’t share it with anyone they shouldn’t have.


#9

My vote goes on KeePass. I can’t even think of a reason to put my passwords on someone else’s computer (Nextcloud self-host for the win) so I just go my own way of syncing them. To be honest I am now migrating to KeePass and I’m kinda lazy as far as changing my passwords go but I’d rather roll my own way of syncing between devices than use LastPass which got hacked not so long ago.


#10

I’m extremely unsure if I would allow any of my passwords to be synced via any cloud solution. I sync them by hand and use seahorse offline on my encrypted partition in Linux. Probably password managers are equally safe unless you start syncing them :smile: For syncing, use a huuuge randomly generated key that you again manually sync.


#11

Truthfully I lean more towards https://www.yubico.com/ plus my password, but I am truly in love with the chip and PIN method of authenticating against everything a la the Common Access Card the US government uses.


#12

Yubico is awesome but isn’t that on top of your password? The service also has to support it.

I don’t think it solves the password manager issue, does it?

I remember having to change my Amazon password once ’cause Audible (acquisition) couldn’t handle the complexity and wouldn’t let me log in.


#13

KeePass, LastPass, Bitwarden I’ve used. They’re all good. KeePass and Bitwarden are open source.


#14

I use KeePassX both on my PC and mobile.


#15

Anything written to store your passwords has got to be the most popular thing to screw with. I’m sure Blackhat has a whole series of lectures on how to screw with any or all of these programs. I say make up a text file and then add a twist just in case someone finds it.
Like

Facebook *Except you know this is really for the thing down 4 not Facebook
Login: Zimrod Jones
PW: aMx4gtqp-& could be your password except you know you (A simple example)
are going to type the letter to the right of these keys in the opposite case
B,C%HYW{+7 or make it more difficult.

Oh and use GRC.COM to generate some truly random stuff and make the passwords long. Then remember that none of the password crap ever lasted long on WinDoze and now we have cracked WiFi routers that use WPA2 and since NSA has a copy of everything ever sent and there are cameras at all the intersections, become very very paranoid…

I say communicate using only Morse Code… 3 dits 4 dits 2 dits Dah! Signal corp Signal Corp Rah Rah Rah!


#16

Greetings all… If folks are open to input after all these months, I have been using KeePass under Linux (Fedora/CentOS), Win7 and even have it on my Galaxy S6 for 10+ years now. I would highly recommend it. I have only had three complaints about it and the derivatives:

  1. KeePass itself either checks for updates and pops up an obnoxious dialog (with no way to say ignore this version), or it does not check for updates at all. Really should consider filing an RFE to get it to add the ignore version option, as well as to say “Just show me a little flag in the UI when there is an update”.
  2. Having to convert from .kdbx to .kdb for keepassdroid was a PITA.
  3. Keepassdroid keeps getting messed up with my previous database location on my S6, and I have to select the file explicitly each time. Not sure if that is a problem with the S6 or keepassdroid, and have not had any time to diagnose it.

As for security… there is no such thing as perfect security. But since it uses AES or Twofish for encryption, and has gotten ChaCha20… if someone obtained a copy of my .kdbx file, they are going to have to work a fair deal, and my use of random passwords will not make it any easier. And it sure beats using openssl or some other utility to say “give me a random password with these constraints.”


#17

Hm. I still use Text files and gpg…


#18

FYI, at the time of me writing this KeePassX was in the lead. You should be aware that it has been superseded by KeePassXC, which is arguably better:


#19

I ran across this recently that looks interesting. It seems like a nice hybrid of KeePassX and LastPass. It’s open source and you can self host your ‘cloud’.

https://bitwarden.com/

What do you all think?


#20

One more vote for LastPass