LastPass / Password Managers

Started by Lazybones, January 19, 2023, 06:35:36 PM

Previous topic - Next topic

Lazybones

Knowing from past threads that others on here have uses LastPass previously thought I would start a thread as I just finished going through migrating off.

In addition to another breach that had poor disclosure, it as come to light LastPass kind of screwed up basic security.

1. Vault Metadata contains unencrypted info like domains for the autofill feature which can probably be used to identify or target you personally.
2. While new customers receive updated password rounds settings to strengthen vault security it turns out many old customers where on very low vulnerable settings at the time of breach including some users having a setting of 1 that basically made vault security useless.


Bitwarden appears to be the TOP alternative with self hosting and online options, however after testing it out I have concluded that the browser auto fill kinda sucks vs nearly all other options, and if you need to do sharing / family. Bitwarden has a convolude org / collections sharing structure with a bunch of limitations.

For family use I have opted to use keeper (https://www.keepersecurity.com/) party because I get a free licence via work but also in general it is very feature complete and easy to use which has been a barrier for getting family members to use a password manager at all. Edit: apparently they have 30% off referral codes if anyone is interested.

Curious if anyone else recently abandon LastPass has any other DBs there using these days.

Mr. Analog

At work we use Dashlane and I have been looking for a password vault I can use for myself for a while but I'm not sure what to go with so I appreciate your list!
By Grabthar's Hammer

Lazybones

Lastpass, 1Password, Bitwarden are the top three that turn up in reviews and top lists

Dashlane and Keeper also show up often so with those you have nearly all of the primary players at least in functionality.. There are others like NordPass that is bundled with some NordVPN options but it tends to score lower in functionality.

Your personal use case and preferences may be different.

I was highly attracted to Bitwarden due to pricing and open source reputation.. However the auto fill / browser function is very limited still but functional and as I noted I really need sharing between me and the spouse / family and Bitwarden is just a little strange in this regard.

Melbosa

#3
I host BitWarden using VaultWarden Docker (https://hub.docker.com/r/vaultwarden/server) for my company and at a couple client sites. Pretty easy to maintain I find.  Add in this Backup and you get automated backups as well: https://hub.docker.com/r/bruceforce/vaultwarden-backup

I personally use 1Password, which is Canadian company; previously I was LastPass and am slowly moving my stuff off to  1Password. It is not free though, you have to buy 1Password.

My Serverless client just moved to 1Password Business, and I'm really liking the product. They get Personal edition as part of the license for each employee, so just like you @Lazybones, they use it personally now to cause of free version.

NAIT Uses Lastpass Enterprise and I hate it. Horrible @%&# for Business level sharing of passwords.
Sometimes I Think Before I Type... Sometimes!

Lazybones

Well as of tonight managed to get the whole set of family accounts off LastPass onto Keeper (fully deleting all accounts and the family from lastpass).. Fingers crossed I don't have to migrate again any time soon lol.

Hard to convince some people of the importance of the task sometimes or the inconvenience of learning a new tool.

Figures crossed NAIT moves to something else.