Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
1. All posts must be relevant to Android devices/operating system.
2. Posts cannot be illegal or NSFW material.
3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.
4. Non-whitelisted bots will be banned.
5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.
6. Memes are not allowed to be posts, but are allowed in the comments.
7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.
8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.
Community Resources:
We are Android girls*,
In our Lemmy.world.
The back is plastic,
It's fantastic.
*Well, not just girls: people of all gender identities are welcomed here.
Our Partner Communities:
I use pass which is a frontend for GnuPG. It's sort of primitive and I had to write user interface for it but it's super flexible. Since every password is saved in encrypted file syncing is easy and we use Git to share company passwords amongst ourselves.
I absolutely use a password generator/manager. Using Bitwarden.
Keepass with key file. I synchronise only the database with cloud servers while the key file stays on my devices and never gets synched. I think that's a good tradeoff for security and convenience.
A shame I haven't seen Passwordstore (pass) here. Simple, transparent, and to the point, with great extensibility to boot. It also interacts with git allowing you to version track your own storage, which is a huge plus for me since I use git daily.
On other choices, I think the largest point you should consider for a password manager is the ability to self-host your own instance. Opensourced server code is the next best thing. In security, human trust should never be trusted, and even if the company is not lazy and malignant about your data, bundling up a lot of them create obvious larger targets for potential hackers, and you have higher chance of getting the collateral damage than localized ones.
I use 1password. I heard that Apple uses 1password internally. I figure their IT guys are more expert than me, a random internet dude. So I chose 1password. Works great on desktop, mobile, and even Linux. Family plan is a good deal. You can even share passwords between users for common things like bank accounts, etc, between family members.
Having a password manager is incredibly useful when someone dies and you need access to their accounts. I think bitwarden and probably others lets you grant emergency access to someone, definitely leaving it in my will.
I personally use pass, which uses gpg for encryption and can also use git repositories (I use it with my personal gitea instance).
I just use the chrome password manager, works great and seamlessly transitions from Android to desktop. I used to use KeePass, but the convenience of the built in tools in chrome just works really well, especially after moving over from iOS.
I don't use them. I see this as a putting all eggs in one basket strategy, if my master password was lost, hacked, hosting company shutdown, or for whatever reason refuse to do business with me, my entire life would be screwed.
Instead I use long passwords made of words, and for each site it will be a few letters off. They're easy for humans to remember because how similar they are, but due how hash works they are equivalent to unique passwords to hackers.
Hashing only works if the website stores their passwords correctly. If a single website you use doesn't hash passwords correctly, and gets their database leaked, then your passwords will all be leaked. Changing a few characters per site may help a bit, but it shouldn't be relied on.
Also, if you're worried about the host shutting down, you should try bitwarden. It's completely open source, and you can self host it if you want.
Keepass with syncthing is GOAT
I'm probably going to get grilled for this but I've Been using Firefox's Saved passwords, I really don't need anything better.
Ive used 1password since almost the beginning. Cant say I have any complaints at all!
KeePassX(C?) both on Windows and Linux. I used the windows version KeePass2 but there was a recent security vulnerability in it so I switched to KeePassX. Maybe it's already patched... auto-type doesn't seem to work in KeePassX on Windows so I might switch back but it's not that critical.
It's kinda ridiculous that no one made better system for credentials, soma of requirements policies are ridiculous.
I would never use cloud services if not hosted on my server.
Keepass with custom sync is best option.
I would not recommend cloud based password manager. We all know what happened to LastPass. But locally encrypted ones are great. I love to use KeePassXC.
Yeah I use Lastpass, it's very useful. I'd like to switch to something FOSS and locally encrypted, but honestly I've tried a couple times and never got it working properly, meanwhile Lastpass always works. I hate their blinding white UI lol.
Does anyone have recommendation for a password manager that works well on both mobile and desktop? I browse with Firefox and while Lockwise is integrated into Firefox now and works fine on desktop, it's kind of 'eh on mobile in my opinion. It "works" but I find it to be fairly clunky and a lot of the time I need to open the Firefox app and just find the password in there and paste it in.
Does any other application work better for transferring passwords made on desktop to mobile more seamlessly? Looking for better detection of the user/pass via app or website.
Lot of people suggesting bitwarden. Great app. I would also throw 1password into the ring. Their mobile app integration is really great and so is their desktop app, although I mostly use the firefox extension usually.
+1 for bitwarden. I use the desktop app + browser extension + Android app. I have to manually hit the sync button on the android app every so often but other than that it just works.
I also use Firefox on all my devices (PC,Mac, Android), In Android only 6/10 times it will show Search Password in Firefox when I select any login form in the browser or any app. It's kinda annoying. I spent more time in my Mac so I don't consider it a big deal.