Avoid The Hack: 5 Best Password Managers For Security (and Privacy)
Password management is essential to the security of your passwords and thus the security of your online accounts.
You probably know not to reuse passwords or to use weak passwords. You also probably know that you should use a password manager (or currently use one)… Ideally, you’d use a password manager that has a good security history and is open source, such as those found here.
As a note, it’s highly suggested that you read avoidthehack’s guide to the world of password managers first to get acquainted with password managers and how using one will benefit you if you’re not using one already. For those looking for solid alternatives to the popular closed-source password managers out there, this post should also help.
All password management solutions listed here are free (or follow an ethical freemium model) and open source!
Bitwarden
Highlights
- Self-hostable
- Cloud version available for easy syncing between your devices, widespread support for devices
- Free version is generous in features (not just a trial!)
- Conducts regular security audits, complying with Privacy Shield, HIPAA, and GDPR standards
Bitwarden is an open source password manager. Bitwarden can either be self-hosted on your own hardware/instance or you can use the Bitwarden cloud in a software as a service (SaaS) setup. Many people may choose to use the Bitwarden cloud over self-hosting their own instance – and that’s perfectly okay.
Bitwarden’s code base regularly undergoes security audits, and Bitwarden publishes the results on its official website. It’s compliant with various security and privacy standards, including Privacy Shield, HIPAA, and GDPR. Overall, it’s well-developed and maintained, with new features in the works and bugs consistently being fixed.
Bitwarden is the ideal drop-in replacement for other cloud/syncing password managers such as 1Password, LastPass and Dashlane as it’s open source and has a stellar security history. Additionally, Bitwarden uses zero-knowledge encryption and has a favorable, easy-to-understand privacy policy that allows Bitwarden (cloud) users substantial control over their data.
The paid version of Bitwarden comes in tiers, first broken down into Personal and Business. Under the personal plans, the paid version of Bitwarden gives access to premium features such as Advanced Two-factor authentication (2FA), Emergency Access, and Bitwarden Authenticator.
Bitwarden is compatible with most operating systems and devices, featuring availability for Windows, macOS, and Linux devices; on mobile, both iOS and Android are supported.
Vaultwarden
Highlights
- Less resource intensive than vanilla Bitwarden
- Runs on ARM devices (ex: the Raspberry Pi)
- Self-hostable
Vaultwarden is a community-run fork of Bitwarden that is compatible with upstream Bitwarden, meaning that Bitwarden’s core features continue to work when using Vaultwarden.
Vaultwarden is intended for people interested in self-hosting their own Bitwarden instance.
The main difference from the official Bitwarden server is that Vaultwarden is far less resource intensive, allowing it to be hosted on older or slower hardware. Vaultwarden also supports ARM devices, thus allowing users to host their own instances on smaller devices like single board computers such as the popular Raspberry Pi.
While many features from the official Bitwarden server source remain available in Vaultwarden, please note that not all features may work. This primarily applies to the Enterprise features that Bitwarden offers; users looking to utilize Bitwarden’s Enterprise features via Vaultwarden may find doing so difficult.
KeePassXC
Highlights
- Local-only
- Widespread support for many platforms
- Works offline (doesn’t require an internet connection)
- Flexible database storage options
KeePassXC is a community-run fork of the outdated KeePassX password manager.
KeePassXC aims to provide a comprehensive local password management experience. In other words, KeePassXC doesn’t have native cloud/sync support across devices.
The biggest upside to this is that you don’t need an internet connection to access/use your password manager, as cloud-based password managers require.
Also, it’s important to understand that the lack of cloud-based support doesn’t mean there is a lack of features or support. KeePassXC has easy-to-use import and export features, storage of TOTP codes, and password database management. KeePassXC has support for many operating systems out there, including Linux and its different flavors.
The cloud is convenient in many ways, so this one tidbit may turn average users off. However, an easy way to get around this and enable very similar cloud-based password manager functionality is to upload your KeePassXC database to a cloud file hosting service of your choice. This way, you are tied to one less provider should you decide to change password managers.
KeePassDX
Highlights
- Designed specifically for Android
- Works offline (doesn’t require an internet connection)
KeePassDX is another community-run and open source password manager available only for Android devices. It’s compatible with other KeePass products, such as KeePassXC, which allows for easier interoperability between the two.
KeePassDX is focused on being lightweight and secure, providing easy and secure password management and form filling tools on Android devices. Your data is stored in a single encrypted file completely under your control.
Like KeePassXC, KeePassDX does not have cloud functionality built into the app itself. However, you can store your database at a trusted cloud storage provider to achieve similar results.
While the bulk of KeePassDX features are free, users can upgrade to KeePassDX Pro which unlocks cosmetic content and non-standard protocol features. An upgrade to KeePassDX Pro contributes to KeePassDX’s future development.
Proton Pass
Highlights
- Free version is generous, not just a trial
- Has been security audited
- Bundled alongside other Proton Privacy offerings
- Easy integration with SimpleLogin
Proton Pass is an open source password manager by Proton. It is part of the same ecosystem as Proton Mail, Proton VPN, and the rest of Proton’s offerings. While its free version is generous, allowing unlimited logins, the paid version enables its 2FA/MFA software authenticator and unlimited aliases via direct integration with SimpleLogin.
Proton Pass is a cloud-based password manager. While it cannot be self-hosted, it can function as a drop-in replacement for other cloud-based password managers, such as LastPass or Dashlane.
In July 2023, Proton Pass was security audited by Cure53.
Proton Pass is available on most platforms; Windows, macOS, and Linux for desktops and iOS and Android for mobile devices.
Criteria for password manager recommendations
At a minimum, to be listed as a recommendation on avoidthehack, password managers must:
Provide zero-access encryption for vault data
Data contained in user vaults should be encrypted with strong, reputable cryptography solutions and blind to any servers involved in rendering the…
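A minimal model of the zero-access property described above, as an added example that is not part of the original post and not any vendor’s code: the client derives the vault key from the master password and encrypts locally, so the server only ever holds an opaque blob. The PBKDF2 iteration count and the sample vault entries are assumptions for illustration, not any product’s settings.

```python
# Added example: client-side ("zero-access") vault encryption.
# The master password and the derived key exist only on the client;
# the server stores salt, nonce and ciphertext and can decrypt nothing.
import hashlib
import json
import os
from typing import Optional

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

PBKDF2_ITERATIONS = 600_000  # assumption: illustrative work factor, not a vendor setting


def derive_vault_key(master_password: str, salt: bytes) -> bytes:
    """Client-side only: stretch the master password into a 256-bit AES key."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt,
                               PBKDF2_ITERATIONS, dklen=32)


def client_encrypt_vault(master_password: str, vault: dict) -> dict:
    """Build the record the client uploads. It carries no key material."""
    salt, nonce = os.urandom(16), os.urandom(12)
    key = derive_vault_key(master_password, salt)
    ciphertext = AESGCM(key).encrypt(nonce, json.dumps(vault).encode(), None)
    # A real product also needs a separate login credential so that
    # this vault key itself is never sent to the server.
    return {"salt": salt.hex(), "nonce": nonce.hex(), "ciphertext": ciphertext.hex()}


def client_decrypt_vault(master_password: str, record: dict) -> Optional[dict]:
    """Decrypt on the client; a wrong password fails AES-GCM authentication."""
    key = derive_vault_key(master_password, bytes.fromhex(record["salt"]))
    try:
        plaintext = AESGCM(key).decrypt(bytes.fromhex(record["nonce"]),
                                        bytes.fromhex(record["ciphertext"]), None)
    except InvalidTag:
        return None
    return json.loads(plaintext)


def server_can_see(record: dict, secret: str) -> bool:
    """What a breached server could learn by inspecting the stored blob:
    the secret must not appear anywhere in the ciphertext."""
    return secret.encode() in bytes.fromhex(record["ciphertext"])


if __name__ == "__main__":
    # Constructed sample vault, not real credentials.
    vault = {"example.com": {"user": "alice", "password": "correct-horse-battery-staple"}}
    record = client_encrypt_vault("a long master passphrase", vault)
    print("server sees plaintext:", server_can_see(record, "correct-horse-battery-staple"))
    print("wrong password yields:", client_decrypt_vault("wrong", record))
```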
*** This is a Security Bloggers Network syndicated blog from Avoid The Hack! authored by Avoid The Hack!. Read the original post at: https://avoidthehack.com/best-password-managers