Hacker Timesnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Which password manager do you recommend?
1 point by lorenzhs on Oct 9, 2015 | hide | past | favorite | 6 comments
I've been putting off the move to a password manager for far too long now, instead using a base password with a pseudo hash function on the domain name that I evaluate in my head and which determines certain characters in the password. (This means someone would need at least 3 or 4 password leaks for different sites to figure out the hash function, or a hash collision). With today's LastPass news, I'm interested in what password manager you recommend.

I'm particularly interested in ones that work on Linux, and I want to be able to use my YubiKey to secure it (I have a Neo, and two U2F ones on the way from the GitHub special). Obviously, they should also be well-maintained.



I've been using LastPass for a few years, even convincing $work to purchase/use the Enterprise version. This was my best option as, like you, my primary machine ran Linux and I wanted 2FA (also using a Yubikey).

With today's announcement, I'm not sure what I'll use going forward. In the past month, I've switched back to using a MacBook Pro as my primary machine (along with my iPad and iPhone). I'm not a big fan of LogMeIn, so I'll certainly be looking for alternatives.


I use KeePass Password Safe ( http://keepass.info/ ) supports the Advanced Encryption Standard (AES, Rijndael) and the Twofish algorithm to encrypt its password databases. And it’s free and you have full access to its source code. KeePass will also support YubinKey. Here is a link on setting up a YubiKey with KeePass (http://keepass.info/help/kb/yubikey.html ).


The different versions of keepass have always confused me -- what's the difference between 1 and 2, and why are both around? What's KeePassX, which is linked on the Download page for Linux, and does it support YubiKeys as well? Other than all the confusion that surrounds it, keepass looks quite good to me.


This link may help clear up the confusion between KeePass 1 and 2. (http://keepass.info/compare.html). As for the KeePassX, this was a port from the Windows KeePass 2 to mac OS X. But has now become its own program. I do not know if YubiKeys will work with it.


I've recently started using enpass (http://enpass.io/). It does what I need, and is simple enough for others to use. Their security model is based on open source even though the entire app is not open.


http://passwordmaker.org/ automates what you're doing in your head. On android the PasswordMaker X app is pretty reasonable too. On iOS the apps are not so good.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: