News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Need a password manager

    Posted on cellsee6 Comment on the AskWoody Lounge

    Home Forums AskWoody support Windows Windows 7 Questions: Windows 7 Need a password manager

    Viewing 20 reply threads
    • Author
      Posts
      • #2006568 Reply
        cellsee6
        AskWoody Plus

        I have a client who has 6 computers all running Windows 7 Pro in a peer to peer network (no server).  Firefox is the browser on all the computers.  The users have a habit of clicking on the “remember me” box because they do not want to type in the password to websites which require a log in.

        I am not an expert on password managers.

        Question:

        What password manager would you choose for inexperienced computer users and why?

        Thank you for your help.

         

      • #2006604 Reply
        ScotchJohn
        AskWoody Plus

        Roboform – I’ve tried others, especially when they moved to a subscription model, but keep on coming back to RF.  Support is good.

        Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro

      • #2006606 Reply
        gpmartens1
        AskWoody Plus

        I have used Roboform for probably 10 years, but also use and prefer Lastpass for it’s format, and it’s use on both a computer and on smartphones.  Also have used Dashlane a little.

      • #2006814 Reply
        JC Zorkoff
        AskWoody Plus

        I like KeePass. I find it easy to use and flexible. Some commentators at PC Mag think it is too techie, but they don’t say what that means.

        In choosing a Password Manager, you need to consider if sharing of the information among several computers (or users) is important. If it is, a cloud based manager like LastPass might be the best choice.

        KeePass keeps it’s data in a file on the current computer. This makes sharing difficult.

        This is the official website of KeePass, the free, open source, light-weight and easy-to-use password manager.

        https://keepass.info/index.html

        Also:

        https://sourceforge.net/projects/keepass/

        I hope this helps you choose.

         

      • #2006836 Reply
        Rhino
        AskWoody Plus

        I have used Roboform for 20+ years. It does so much more than manage passwords. One feature, “Safe Notes”, can contain virtually unlimited  information you want to keep private. Another, “Identities” fills in those tedious Web forms with your personal info, always gets the right info in the right boxes. I wouldn’t be without it.

        David

      • #2007276 Reply
        access-mdb
        AskWoody MVP

        I would suggest you try a few of them yourself (they are free) and check what you and your users prefer. The ones mentioned here (Roboform, KeePass and LastPass) are all reputable, so you could try these. No doubt there will be other suggestions.

        Personally I use LastPass. I never liked the KeePass interface and LP has the facilities that Rhino mentions.

        2 users thanked author for this post.
        • #2007858 Reply
          mn–
          AskWoody Lounger

          I would suggest you try a few of them yourself (they are free)

          Well, many of them are either free or have a trial package. Some are free for private use but cost money to be used in a business context.

          https://en.wikipedia.org/wiki/List_of_password_managers has a bit of incomplete list with some notes about prices. Though, it doesn’t at the moment mention Roboform at all.

          1 user thanked author for this post.
      • #2008040 Reply
        wavy
        AskWoody Plus

        deal today on roboform

        https://www.bitsdujour.com/software/roboform-everywhere/in=todays-deals-home

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
        1 user thanked author for this post.
      • #2008109 Reply
        ScotchJohn
        AskWoody Plus

        Take the five-year deal on RooboForm, I say, as a long-term satisfied user, no connection with the software publisher.

        Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro

        1 user thanked author for this post.
      • #2008186 Reply
        zero2dash
        AskWoody Lounger

        If they’re typical non-techie users – LastPass
        If they’re techies – KeePassXC (cross-platform, more frequently updated than KeePass which it is forked from)

        LastPass is very good, but you have no control over where your data is stored – they hold it. KeePass, you can store the .kdbx file anywhere locally or in the cloud with any provider.

        3 users thanked author for this post.
        • #2008191 Reply
          mn–
          AskWoody Lounger

          … and then there’s Pass. Doesn’t do much by itself but with the right tools to go with it…

          1 user thanked author for this post.
        • #2008324 Reply
          Paul T
          AskWoody MVP

          KeePassXC doesn’t have record level sync so you need to be careful if you use it on multiple devices.
          KeePass and KeePass2Android are the only products that sync correctly.

          cheers, Paul

          1 user thanked author for this post.
          • #2008347 Reply
            mn–
            AskWoody Lounger

            record level sync

            … and this is one where you can get ahead with Pass (and compatible tools). That’s what I use.

            It’s “just a bit” more technical though.

            1 user thanked author for this post.
      • #2008200 Reply
        wavy
        AskWoody Plus

        KeePassXC seems Interesting, but no Android support.

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
        1 user thanked author for this post.
        • #2008236 Reply
          zero2dash
          AskWoody Lounger

          I use KeePass2Android, free from the Play store, in my S10e.

          1 user thanked author for this post.
          • #2008320 Reply
            mn–
            AskWoody Lounger

            … indeed it doesn’t have to be the exact same product name on different devices as long as they’re compatible. The KeePass family has plenty of those.

            1 user thanked author for this post.
      • #2009108 Reply
        Kranium
        AskWoody Lounger

        I’ve used RoboForm, KeePass, LastPass. I’ve stuck with LastPass. I’ve found it easier/quicker to use, and the free version has everything I need & liked from the competitors. It’s cloud-based, so works across platforms, but you can also download any/all of your data at any time, if you so desire. (good idea as a backup, just keep it encrypted, OFC!)

        Group B for WIN7 w/ ESU, plus trying out Linux builds in dual boot.

        1 user thanked author for this post.
      • #2011035 Reply
        BTSAZ1989
        AskWoody Plus

        Sorry to throw cold water on this party, but I am leery about password managers of any type for one good reason: I’ve had more than one large company decide to abandon support of their product on which I relied heavily, leaving me in the lurch! That’s bad enough when done by a company like Intuit (Medical Expense Manager; Home Inventory, and no longer supporting the adding of attachments in investment accounts within the account in Quicken; Cox Webmail, for example, and others), but if the password manager goes belly up or just gets bored, then what? If I store the file on my PC, I could lose it; if I store it in the cloud, it could disappear…

        Edit: Pleaase stay on topic.

        • #2011055 Reply
          mn–
          AskWoody Lounger

          I am leery about password managers of any type for one good reason: I’ve had more than one large company decide to abandon support of their product on which I relied heavily, leaving me in the lurch!

          That actually is a major point in favor of open-source tools for this. Plenty of independently maintained open-source applications around that can read a .kdbx file, so KeePass and derivatives should be fairly safe in this regard. And open source means anyone else can pick up if one team quits.

          And Pass… well with that one you don’t even technically need the special application to read the files, it’s just more convenient that way… and GPG encryption is common enough that application availability is unlikely to become a problem ever.

          Losing your master key or the database itself is a valid problem scenario though. Nothing to it but to keep plenty of backup copies. Can’t help thinking that this is easier than with a paper notebook of passwords, too…

          1 user thanked author for this post.
          • #2017576 Reply
            dmt_3904
            AskWoody Plus

            I am  looking for a password manager to use on my iPad.  I am going to migrate off my Windows machine. I like having ownership of the password file. I saw on Wikipedia there are a number of password managers that support IOS.   I would only be interested in ones that  allow local storage of the pw file. Where is the file stored when on IOS?   My major concerns are securing the password file and of course, potentially losing the key.

            Can anyone tell me how pw managers work with IOS? Any comments on security?

            Thanks Donna

            • #2017777 Reply
              Paul T
              AskWoody MVP

              The KeePass model has a local database that you manage / backup / etc.
              There are a few iOS apps that support it.
              Strongbox
              KeePassium
              KeePassTouch
              etc

              See the KeePass download page for more varieties.
              https://keepass.info/download.html

              cheers, Paul

              • #2018706 Reply
                dmt_3904
                AskWoody Plus

                Thank you.  Strongbox looks good.  I  didn’t understand the pricing so I have to contact the developer, if I even need premium.  Also, hate to be so grim here, but in case of my untimely demise, I need to be able to get passwords to my spouse, who is very non-techie.  (Which is really something we should all be thinking about – how to pass on our digital information). He won’t be able to use strongbox.  So, I think I would have to either print the passwords and lock them up – not desirable or provide the password for where they are stored and the key. Not a much better solution.

                How is everyone else addressing this?  I can’t think of anything other than what I suggested above, but I’m not that smart or creative 😄. I can check out some of the other apps. I think some provide digital legacy, but I don’t know how it works. Have to do more digging.

              • #2018932 Reply
                Paul T
                AskWoody MVP

                Digital estate management is complex and I have not seen a viable solution.

                You can either provide the password to your spouse or set up the password manager on a device where they can use a fingerprint to open it. At least they will have access to the data.

                cheers, Paul

              • #2019016 Reply
                dmt_3904
                AskWoody Plus

                I was searching on keepass forum and found some info there.  This is clear – if someone dies without providing their password no one can get into the file. Period.  End of story.  You 100% control access to your password file since it’s not on someone else’s (like LastPass) computer (But I could put it in the cloud, e.g. Dropbox, OneDrive,etc). Your suggestions are good. Unfortunately I may have to write the master password down for my hubby. 😁😬 I’ll get it figured out. Thanks for your help.

                1 user thanked author for this post.
              • #2019061 Reply
                SteveG
                AskWoody Plus

                My solution:   Both my wife and I have copies of the password manager software on our laptops.  She has details of my password manager login credentials and I have hers, so either of us can get to the other’s passwords if necessary.  This way, the details are kept secure.

                 

                1 user thanked author for this post.
              • #2019283 Reply
                mn–
                AskWoody Lounger

                The ability to open the password storage by someone else is by definition a backdoor that could be exploited.

                So, it becomes a question of how you secure that… for the estate management case a piece of paper in a secure location isn’t a bad method, as long as the password doesn’t change.

                For those with sufficient technical ability to cope with public-key cryptography, this is again a point where the pass / QTpass / etc scheme has potential, as you can encrypt to multiple keys so any of them can decrypt… and do this separately for different parts of the whole structure.

                (I have some of the passwords shared with my spouse, some with spouse and kids, and…)

                1 user thanked author for this post.
      • #2011136 Reply
        anonymous
        Guest

        I’ve used roboform for more years than I can remember. Never any issues

      • #2011390 Reply
        anonymous
        Guest

        Just to add another product.  I have used PasswordSafe for a long time.  It used to come up in this type of forum but I don’t see it so much anymore.  It has room for a large free format memo which I use extensively.  Drag and drop works with most web sites (but not some of the ones that prefill the boxes with words like UserID and Password).  Data is stored locally (at least on the version I use).  It does have some macro capability, primarily to deal with action caused by the enter key.  I don’t use this feature.

      • #2011706 Reply
        SteveG
        AskWoody Plus

        I’ve been using eWallet for many years.  It’s a great product IMHO, and has versions for iOS and Android which I’ve used both of to enable syncing between my laptop and my phones.  Only down side from my experience is the AU$20 cost for Windows PC and AU$10 for Android and iOS versions, but gee, it saves a lot of hassles if you keep your password data up to date.  You can check it out here    https://www.iliumsoft.com/

        BTW – I am in no way associated with the vendor, just a satisfied user.

      • #2013499 Reply
        anonymous
        Guest

        Interesting that no one has mentioned 1Password, which I have used for years successfully, and which received “Best Password Manager” from many tech sites.

         

        • #2013599 Reply
          Paul T
          AskWoody MVP

          Maybe because it’s subscription based – minimum of $36pa.

          cheers, Paul

          • #2019071 Reply
            dslater
            AskWoody Plus

            Very likely. I used the standalone product (what they now call a perpetual licence) for years with no complaints and eventually bought a subscription to v7 once the ‘upgrade’ was offering something I wanted. Personally, I keep my password vault local to me, syncing to the cloud only once in a blue moon.

            You can still buy a perpetual licence of 1Password 7 from within the app, but that just begs the question of what to do when 1password 8 comes out (and it will).

      • #2017690 Reply
        DriftyDonN
        AskWoody Plus

        bitdefenders pw mgr is NOT reliable.

        • #2018933 Reply
          Paul T
          AskWoody MVP

          Why is it not reliable?

          cheers, Paul

          1 user thanked author for this post.
      • #2208263 Reply
        alphacharlie
        AskWoody Plus

        FWIW, the Consumer Reports website posted today ( 17 March 2020) on their review of  Password Managers;  here is their ranking (the first four are “recommended”):

        1. 1Password Families ($60/family/year)
        2. Keeper Password Manager ($60/family/year)
        3. Bitwarden Families ($12/family/year)
        4. Bitwarden Free (2 users)
        5. Lastpass Premium ($36/year)($48/family/year)
        6. Lastpass Free

        The comparison website called WireCutter, has the same ranking.

        Personally, I have used Lastpass on multiple devices for at least 5 years without complaint, but my Premium plan expires next month –  so I am open to switching.

        • This reply was modified 2 weeks, 2 days ago by alphacharlie.
        • This reply was modified 2 weeks, 2 days ago by alphacharlie.
        1 user thanked author for this post.
        • #2208275 Reply
          Paul T
          AskWoody MVP

          WireCutter ranked BitWarden as the best free one.

          cheers, Paul

      • #2208309 Reply
        anonymous
        Guest

        According to a study by the University of York most password managers leak https://www.york.ac.uk/news-and-events/news/2020/research/expose-vulnerabilities-password-managers/

        Seems that Windows-versions leak via clip board. But attacker has to have physical access to pc (or Android phone).

      • #2208323 Reply
        Paul T
        AskWoody MVP

        Seems that Windows-versions leak via clip board

        Only if that is used. Most seem not to.

        cheers, Paul

      • #2208342 Reply
        MikeFromMarkham
        AskWoody Plus

        I’ve tried several password managers over the years including Roboform, Dashlane, 1Password, KeePass, LastPass and more, but I’ve always come back to LastPass because it “just works” for me.

        However, I recently discovered Bitwarden (https://bitwarden.com) and have been very impressed with what I’ve seen in limited testing so far.  It’s free, open source, and works on every major OS platform.

        I plan to transfer my entire LastPass database to Bitwarden on one computer and my Pixel 3a phone and use it exclusively on those devices for 1 month. If it really can do everything that I need, it will replace LastPass on my other devices as well.

        1 user thanked author for this post.
    Viewing 20 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Need a password manager

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel