Password sharing is an important feature for many password management users, especially families and businesses who share accounts such as video streaming services, website domains, bank accounts, online databases and more. Some password managers may even use biometrics, enabling users to log in to accounts using only their fingerprint or face. It should also be easy for users to create and store new, strong passwords. Some things to look for in an easy-to-use password manager include having an easy set-up process with the option to import all passwords at once and autofill, drag-and-drop or copy and paste options for online forms that make them easy to update. Password managers should be intuitive and easy for each of its customers to use, as using it with every login is the only way to ensure that all of a users’ passwords remain as secure as possible. Additionally, especially since passwords must be frequently created and updated for maximum security, apps should automatically sync between each device. This way, the app’s purpose of protecting and storing users’ data will not be compromised by anything less than full-time use. Ideally, a password manager should be compatible with every device and browser a customer uses to access digital accounts. Ideally, the password manager’s creators should not even have a way to access the user’s data.Īlso important is the number of website browsers, mobile devices and computer operating systems the passwords manager is compatible with. To do so, it should help users create strong passwords and use advanced encryption methods that keep passwords and other important information such as credit card, passport and bank account numbers from being discovered or used by any unwanted entities. And I put a good ~200 words of notes stored in that particular KeePass entry to remind me how I did it in the future.Based on our in-depth knowledge of password managers, we chose the following five features as our main criteria for evaluating the two companies: security and encryption, usability and ease of use, password sharing and price.Įvery password manager’s primary goal should be to protect its users passwords from hackers, phishing scams, website breaches and other potentially harmful cyber threats. I will say that doing this requires some hairy steps! This was what put me on the right path. I was especially impressed that KeePass knows about Steam's non-standard TOTP implementation and is able to generate Steam Authenticator codes.
KEEPASS. CODE
And keeping TOTP secrets in a password manager seems like a not-terrible idea (with the one caveat - and it's not a small one, I know - of busting the "second factor"ness of 2FA by making it possible to generate a TOTP code from the same device that you're using to log in with).
KEEPASS. HOW TO
Google Authenticator had been worryingly opaque to me until then - you scan a QR code and then somehow you get TOTP codes? - and having gone through a phone number change recently, I felt especially aware and uncomfortable about having 2FA for many important accounts tied to one fairly fragile, fairly mis-placeable electronic device (not to mention in an app controlled by Google).įiguring out how to use TOTP on KeePass was the nudge I needed to read up on how TOTP works, and of course it was quite simple. Went digging a little and realized that there was enough support that I felt completely comfortable jumping ship away from Google Authenticator. A few months ago I realized that both of my clients showed a TOTP option. My stack is KeePassXC on computers, Keepass2android on mobile and Dropbox for syncing. I see nobody's mentioned TOTP support yet. The recommended way to handle this is quite convoluted. The most common sync solution is dropbox because that is the only mainstream cloud offering with first party support for linux, which is fine, but can still cause conflicts. It is not enough to set up a LAN folder your solution needs to be able to resolve conflicts if you ever use more than one device simultaneously, otherwise you run the risk of losing changes.
I had random disconnections from keepass and many autofill failures.įinally, you get to syncing, and the friction is bigger than you expect. To get a browser plugin, you have to pick from a disturbingly long list, each with pros and cons, each requiring a few config steps, and none of which work as well as the cloud competition.
Instead the main screen has "find", "find entries" and "search" buttons which are all slightly different despite sounding completely redundant. There is no "generate password" button on the main application screen despite that being the #2 use for a password manager behind autofilling. but I had to manually configure it to import from lastpass. I'm willing to tolerate a little friction to setup syncing, but keepass has friction at almost every level.
0 kommentar(er)
