|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
I have a client who has 6 computers all running Windows 7 Pro in a peer to peer network (no server). Firefox is the browser on all the computers. The users have a habit of clicking on the “remember me” box because they do not want to type in the password to websites which require a log in.
I am not an expert on password managers.
Question:
What password manager would you choose for inexperienced computer users and why?
Thank you for your help.
I would suggest you try a few of them yourself (they are free) and check what you and your users prefer. The ones mentioned here (Roboform, KeePass and LastPass) are all reputable, so you could try these. No doubt there will be other suggestions.
Personally I use LastPass. I never liked the KeePass interface and LP has the facilities that Rhino mentions.
Eliminate spare time: start programming PowerShell
I would suggest you try a few of them yourself (they are free)
Well, many of them are either free or have a trial package. Some are free for private use but cost money to be used in a business context.
https://en.wikipedia.org/wiki/List_of_password_managers has a bit of incomplete list with some notes about prices. Though, it doesn’t at the moment mention Roboform at all.
deal today on roboform
https://www.bitsdujour.com/software/roboform-everywhere/in=todays-deals-home
Take the five-year deal on RooboForm, I say, as a long-term satisfied user, no connection with the software publisher.
Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro
If they’re typical non-techie users – LastPass
If they’re techies – KeePassXC (cross-platform, more frequently updated than KeePass which it is forked from)
LastPass is very good, but you have no control over where your data is stored – they hold it. KeePass, you can store the .kdbx file anywhere locally or in the cloud with any provider.
… and then there’s Pass. Doesn’t do much by itself but with the right tools to go with it…
KeePassXC doesn’t have record level sync so you need to be careful if you use it on multiple devices.
KeePass and KeePass2Android are the only products that sync correctly.
cheers, Paul
record level sync
… and this is one where you can get ahead with Pass (and compatible tools). That’s what I use.
It’s “just a bit” more technical though.
KeePassXC seems Interesting, but no Android support.
I use KeePass2Android, free from the Play store, in my S10e.
… indeed it doesn’t have to be the exact same product name on different devices as long as they’re compatible. The KeePass family has plenty of those.
I’ve used RoboForm, KeePass, LastPass. I’ve stuck with LastPass. I’ve found it easier/quicker to use, and the free version has everything I need & liked from the competitors. It’s cloud-based, so works across platforms, but you can also download any/all of your data at any time, if you so desire. (good idea as a backup, just keep it encrypted, OFC!)
Group B for WIN7 w/ ESU, plus trying out Linux builds in dual boot.
I am leery about password managers of any type for one good reason: I’ve had more than one large company decide to abandon support of their product on which I relied heavily, leaving me in the lurch!
That actually is a major point in favor of open-source tools for this. Plenty of independently maintained open-source applications around that can read a .kdbx file, so KeePass and derivatives should be fairly safe in this regard. And open source means anyone else can pick up if one team quits.
And Pass… well with that one you don’t even technically need the special application to read the files, it’s just more convenient that way… and GPG encryption is common enough that application availability is unlikely to become a problem ever.
Losing your master key or the database itself is a valid problem scenario though. Nothing to it but to keep plenty of backup copies. Can’t help thinking that this is easier than with a paper notebook of passwords, too…
Thank you. Strongbox looks good. I didn’t understand the pricing so I have to contact the developer, if I even need premium. Also, hate to be so grim here, but in case of my untimely demise, I need to be able to get passwords to my spouse, who is very non-techie. (Which is really something we should all be thinking about – how to pass on our digital information). He won’t be able to use strongbox. So, I think I would have to either print the passwords and lock them up – not desirable or provide the password for where they are stored and the key. Not a much better solution.
How is everyone else addressing this? I can’t think of anything other than what I suggested above, but I’m not that smart or creative 
. I can check out some of the other apps. I think some provide digital legacy, but I don’t know how it works. Have to do more digging.
I was searching on keepass forum and found some info there. This is clear – if someone dies without providing their password no one can get into the file. Period. End of story. You 100% control access to your password file since it’s not on someone else’s (like LastPass) computer (But I could put it in the cloud, e.g. Dropbox, OneDrive,etc). Your suggestions are good. Unfortunately I may have to write the master password down for my hubby. 
I’ll get it figured out. Thanks for your help.
My solution: Both my wife and I have copies of the password manager software on our laptops. She has details of my password manager login credentials and I have hers, so either of us can get to the other’s passwords if necessary. This way, the details are kept secure.
The ability to open the password storage by someone else is by definition a backdoor that could be exploited.
So, it becomes a question of how you secure that… for the estate management case a piece of paper in a secure location isn’t a bad method, as long as the password doesn’t change.
For those with sufficient technical ability to cope with public-key cryptography, this is again a point where the pass / QTpass / etc scheme has potential, as you can encrypt to multiple keys so any of them can decrypt… and do this separately for different parts of the whole structure.
(I have some of the passwords shared with my spouse, some with spouse and kids, and…)
Why is it not reliable?
cheers, Paul
FWIW, the Consumer Reports website posted today ( 17 March 2020) on their review of Password Managers; here is their ranking (the first four are “recommended”):
The comparison website called WireCutter, has the same ranking.
Personally, I have used Lastpass on multiple devices for at least 5 years without complaint, but my Premium plan expires next month – so I am open to switching.
.
.
I’ve tried several password managers over the years including Roboform, Dashlane, 1Password, KeePass, LastPass and more, but I’ve always come back to LastPass because it “just works” for me.
However, I recently discovered Bitwarden (https://bitwarden.com) and have been very impressed with what I’ve seen in limited testing so far. It’s free, open source, and works on every major OS platform.
I plan to transfer my entire LastPass database to Bitwarden on one computer and my Pixel 3a phone and use it exclusively on those devices for 1 month. If it really can do everything that I need, it will replace LastPass on my other devices as well.
.
.
.
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Notifications
