this post was submitted on 05 Jul 2023
1515 points (98.5% liked)

Android

28173 readers
93 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 2 years ago
MODERATORS
 
(page 4) 50 comments
sorted by: hot top controversial new old
[–] Nitsu29@lemmy.world 9 points 1 year ago

You should really use a password manager so you always have a secure and different password for each site

I recommend KeePass if you want to save your password locally

Or if you want something cloud based then I recommend Bitwarden You can even host your own instance

[–] scarabic@lemmy.world 9 points 1 year ago (2 children)

So happy I got 1Password set up and it has treated me right during the years I’ve used it. I wish my parents had such a thing. They have all the passwords written on a sheet of paper that sits under the keyboard. Like the digital version of car keys up in the visor.

load more comments (2 replies)
[–] subspaceinterferents@lemmy.world 9 points 1 year ago (2 children)

I prefer a password with pronounceable content of nonsense words, separated by dashes, with some numbers and symbols in there somewhere. Such as: tostog-Meenish-flurbit-dalsag-3023# . It's long enough to be very secure, and easy to transcribe if I have to type it. None of the words are in a dictionary. I keep a big list in a note on my desktop, and peel'em off as needed, finally keeping the utilized PWs in Enpass.

load more comments (2 replies)
[–] mayo@lemmy.world 9 points 1 year ago

Keepassxc for storage/backup and then I let the browser save the passwords I use. I like this setup.

[–] jzefbeio54@lemmy.world 9 points 1 year ago

KeePass is the perfect tool for me ! The cybersecurity practice at work also use it,

[–] ultratiem@lemmy.world 9 points 1 year ago* (last edited 1 year ago) (1 children)

1Password since forever. Can’t imagine having to type passwords or remember them.

load more comments (1 replies)
[–] techgearwhips@lemmy.world 9 points 1 year ago

Yes. I’m in the free KeePass ecosystem. Self hosted via iCloud and backed up to Proton Drive.

KeePass2Android no net on my Android.

Keepassium on my iPhone.

And KeepassDX on my desktop.

[–] QwertySpace@lemmy.world 8 points 1 year ago (6 children)

I use KeePassXC and synchronise it with syncthing. This allows me to keep it off devices I have no control over (OneDrive servers) and also allows me to have per device version history.

load more comments (6 replies)
[–] richdotward@lemmy.ca 8 points 1 year ago (1 children)

https://play.google.com/store/apps/details?id=keepass2android.keepass2android

Been using this for years. Hosted via ssh on my server in a ovh data center. Fingerprint access and every single account with a random password.

load more comments (1 replies)
[–] the16bitgamer@lemmy.world 8 points 1 year ago (5 children)

What are my thoughts on a password manager?

I think it’s both a good thing, and a crutch. I feel the fact that most services are rendered unusable without an account is sad, and with the 100’s of accounts one is expected to have a password manager is sadly needed if you can’t memorize a password or can make passwords with a consistent pass phrase.

Do I use one?

Nope, I have a password system which is good enough for most accounts that’s always more than 7 character long and unique for each account without being lost to me. The only time it has failed as when my work decided to have us change our passwords every quarter, and I ran out of password ideas.

load more comments (5 replies)
[–] roht@lemmy.world 8 points 1 year ago

Yes, and Bitwarden. Strong master password, with 2FA, and randomly generated passwords for the rest. For deeply personal apps such as banking I do have another localized system though. I moved on from LastPass and never looked back.

[–] rivingtondown@lemmy.world 8 points 1 year ago* (last edited 1 year ago) (1 children)

I used to use BitWarden but switched to 1Password about a year ago once I decided to buy a business account for my department at work (which gives every user a free family account)

1Password is fantastic. It stores more than passwords, it's fine tuned to do that, but really can be used to store anything securely. The dev team uses it to share secure .env variables and API keys for example.

One of the best features though is the ability to share secured links to VIEW passwords outside of your network. When a coworker asks me to share an account password I don't just copy and paste the username and password over email. I click share in 1Password and shoot them a link that only they can view (using email 2fa). I can also make more open links to shared credentials that expire (or until I expire those links myself).

The phone app works great and once you get it set up on one device it's easy to configure it on others.

load more comments (1 replies)
[–] bleeu@lemmy.world 8 points 1 year ago (6 children)

I've used LastPass in the past but now I use bitwarden, gets the job done

load more comments (6 replies)
[–] Trapping5341@lemmy.world 8 points 1 year ago

Switched to bitwarden last October and couldn't be happier. Was previously just storing everything in chrome/my Google account. Reused the same password on pretty much every website. When I saw a few articless about chrome causing issues with ad blockers I decided to switch to Firefox which meant having to figure out my passwords. Decided that was a great time to figure out a separate password manager. I still occasionally run into websites I don't use often that still have my old password but for the most part everything is switched over and if 2FA is an option I have it set up. Going through my main sites was a drag but I felt so much better afterwards. I was really shocked at how many websites have really low limits on password length. And how some of the accounts I would really really prefer to have 2FA it's not even an option, looking at you banks.

My work actually just switched payroll companies and when creating my account I noticed the password field was 0/127 so of course I bumped up my password generator to 127 and maxed out the password field 😂

[–] ZC3rr0r@lemmy.ca 8 points 1 year ago (2 children)

I've been a KeePass user for over a decade and it's always been good to me, especially when using Box and OneDrive to sync it between devices. The ecosystem is great with enough plugins and support to make it fit your use case on any modern OS.

Can't recommend it enough. Especially over other options that are offered by a commercial company (LastPass for example). Not only because you're intently placing your trust in then to not expose your data and keep it secure, but also because you're giving them a lot of leverage to turn around and hold your passwords for ransom at some point in the future (when they IPO for instance, as a popular example) or lock you out after they come for whatever reason.

load more comments (2 replies)
[–] amnesiacrobat@lemmy.world 8 points 1 year ago (2 children)

I’d say they’re pretty much necessary so you can have unique, complex passwords.

I’m currently test driving Proton’s new password manager, I’ve been using 1Password for ages.

load more comments (2 replies)
[–] HortiEastwood@lemmy.world 8 points 1 year ago

Bitwarden, open-source, free, and awesome!!!!!

[–] jetsetdorito@lemmy.world 8 points 1 year ago* (last edited 1 year ago) (2 children)

After using one for like 8 years I really don't know how people have the time/energy to make up and remember all their own passwords

load more comments (2 replies)
[–] fne8w2ah@lemmy.world 8 points 1 year ago (1 children)

Started off with Lastpass free tier, then after they limited the free tier to only one device, switched to Bitwarden.

load more comments (1 replies)
[–] overfox@feddit.de 8 points 1 year ago

Started with LastPass, used it for 10 years. Switched to Bitwarden a while ago, would never go back.

[–] WeRememberTheFreeman@lemmy.world 8 points 1 year ago (2 children)

I use KeePass (more specifically KeePassXC). I manually copy my password files around like a caveman but I don't mind. At least my kdbx files are not accessible easily.

load more comments (2 replies)
[–] WizzCaleeba@lemm.ee 7 points 1 year ago (3 children)

I can't imagine not having a password manager. I even got my mom to switch to bitwarden. I'm not sure if I just don't know how to do it, but the only thing I wish I could do with bitwarden is share a password with another bitwarden user.

load more comments (3 replies)
[–] xaxl@lemmy.world 7 points 1 year ago

Use whatever but also use 2fa as well for every important account that you have.

[–] jersa@programming.dev 7 points 1 year ago* (last edited 1 year ago)

Perhaps a bit more technically involved for some tastes, but here's my setup –

I've used pass for the past few years, a command line based password manager that stores GPG encrypted passwords as text files in a git repository. I use it for more than passwords, so it's more like a passwords-and-other-sensitive-secrets manager.

There's no defined structure, that is left to the user to figure out, but the basic command to get a password and copy it to the clipboard simply grabs the first line of the file, which is where I insert the actual password. There's other info in there too, usernames, challenge questions, etc.

I push the git repo to gitlab, transported via ssh. On my phone, I use a client for Android called Android Password Store, which pulls from the git repository and has an easy interface for adding, editing, and accessing the passwords.

It costs nothing, stays backed up, and works pretty well for my purposes. Despite that, I was looking around to see if KeePass would be a better solution for me in any way, and found this cool thing, passhole, which provides KeePass with a CLI interface similar to that of pass, which is a big part of my attraction to it.

[–] MrFagtron9000@lemmy.world 7 points 1 year ago

My mom would use the same password for everything or she would mix it up a little tiny bit.

Her passwords were like.

Rainbow2002! rainbow2003 RAINBOW!!!

It was a different word from rainbow, but that's just an example.

I got her using two factor with Google with a really good password and she's using the built-in Google password manager. Now all of her passwords are 20+ random strings instead of a single word with different numbers at the end.

I think that's a much better system than what she was using before.

[–] coffeemonster@lemmy.world 7 points 1 year ago

Any security researcher worth there salt says to use one .Not sure what the question is. Bitwarden and 1pass are general good recommendations.

[–] ZarbtheBard@lemm.ee 7 points 1 year ago (2 children)

Well, shit. I don't use a password manager but now I feel like I should lol. Gonna check out bitwarden I guess.

load more comments (2 replies)
[–] AdamUllstrom@lemmy.world 7 points 1 year ago (1 children)

Have been using 1password for about 5 years now and have not have a single problem. I really like the integration with browsers and the iOS app. I am keen on testing protons though since I use the VPN and email.

load more comments (1 replies)
[–] Devgard@lemmy.world 7 points 1 year ago (3 children)

Loved bitwarden but switched to 1Password recently because their UI is so much nicer. ik, weird reason.

also because it was free with GitHub Student.

[–] Crazychicken563@lemmy.world 7 points 1 year ago (1 children)

First comment I've seen that mentioned 1Password. Surprise to see it so far down the list

load more comments (1 replies)
load more comments (2 replies)
[–] ArghZombies@lemmy.world 7 points 1 year ago (4 children)

I've used 1Password for years. Works well on all my devices (MacBook and Samsung Galaxy phone). I'd absolutely recommend you use one.

Not only are they great for handling complex passwords, but a benefit I've not seen mentioned here is that they are a way of just keeping track of just how many sites and accounts you've registered with.

For example - You buy one product once from an online store, save a password so you can monitor the order status but never use that site again. Before I used 1Password I'd just have forgotten I'd even used that site. But now I can just look down my 1password account and see a whole list of all these passwords and accounts ive created. And there's loads. You forget just how many online accounts and passwords you have out there.

load more comments (4 replies)
[–] rbar@lemmy.world 7 points 1 year ago (1 children)

I couldn't live without one these days. I personally use Bitwarden. I have tried most of the other manager suggested in this thread. They each their own benefits. I would recommend one of the hosted services for most people (1password, Bitwarden, not LastPass). I came to prefer Bitwarden for their combination of features and openness. I have self hosted it in the past, but these days just use their hosted service.

There are a lot of side benefits to using one besides just remembering your usernames and passwords for you too.

  • It lets you use catch-all emails if you have your own email domain
    • allows you to give services their own address to track abuse
    • makes you more resistant to someone taking your leaked credentials from one site and using it for another
    • easier spam filtering
  • Most password managers support random password generation
  • Saving things that aren't logins
    • Family member's SSNs and DL numbers
    • Credit cards
    • Wifi passwords
    • Gate codes
  • Sharing always up to date passwords and other secrets with people (for hosted options)
  • 2FA is easier
load more comments (1 replies)
[–] Tywele@lemmy.dbzer0.com 7 points 1 year ago

Bitwarden is great and I don't know how I could live without it anymore.

[–] wasabi@feddit.de 7 points 1 year ago

If you are not using a password manager you are doing it wrong.

load more comments
view more: ‹ prev next ›