Password Manager Suggestions

flaneurs_lobster

400ixl said:

You have to be logged into Bitwarden at the time that you are offline, but it will then continue to work. It does not store the master password on the local device which is required to login.

So yes it does keep a local copy of the passwords (encrypted), but not the master password. Gives a level of flexibility others don't but maintains the high level of security.

Obviously not entirely flawless in that if you haven't logged into Botwarden on the local device before going off line you won't get in, but for the vast majority of circumstances it works fine.

Better than manually copying vaults around between devies.

So my database of 900-odd passwords, URLs, etc is stored locally on each of my devices? 

EDIT : Had to test this empirically and you are absolutely right.  

k_man

flaneurs_lobster said:

400ixl said:

You have to be logged into Bitwarden at the time that you are offline, but it will then continue to work. It does not store the master password on the local device which is required to login.

So yes it does keep a local copy of the passwords (encrypted), but not the master password. Gives a level of flexibility others don't but maintains the high level of security.

Obviously not entirely flawless in that if you haven't logged into Botwarden on the local device before going off line you won't get in, but for the vast majority of circumstances it works fine.

Better than manually copying vaults around between devies.

So my database of 900-odd passwords, URLs, etc is stored locally on each of my devices? 

EDIT : Had to test this empirically and you are absolutely right.  

That is actually deliberate.
It means the database is only ever decrypted locally.
Part of the zero knowledge model of cloud based password managers: the provider has no access to the encrypted contents of your database, and does not know or store your password.

Other cloud based password managers, e.g. LastPass and Dashlane, operate in a similar way, and also allow offline access, if already logged in, using the locally cached copy of data.

[Deleted User]

As mentioned above, the problem with local storage is the backups, ideally, any decent backup should be automated, daily and stored offsite - which is why cloud-based is so convenient.

I've recently moved to a self-hosted solution with Vaultwarden which is a fork of Bitwarden so it gives all the premium-priced features such as 2FA, authenticator, emergency access, family sharing and unlimited password storage - and can use all the Bitwarden client apps on mobiles phones, PC, browser extensions etc which makes it convenient.

Although self-hosting means you have to skill up a little on security to match the big boys, on the other hand, you won't be targeted like the big companies by hackers and the obscurity of your own password vault will hardly be noticed.

Bigphil1474

OP, depends how many passwords you need to keep, but I just use sticky notes on my PC (as in the electronic sticky notes). They can only be accessed when I log in, and I also use a bit of a code depending on which email is needed to log in. A typical one would be - Bank - Gmail - MyP4ssw0rd (etc.) So i know which website, which one of my 3 emails to use, and the password, but nobody else would be able to work it out. I only have about 30 ish sites that I use regularly. I also have a similar printed version in my wallet. Not particularly high-tec but works for me.

chumbasumba26

I would go with a Password manager like Keepass or Enpass that allows you to locally manage or store your password vault on a cloud drive like Google or Microsoft One Drive.

The problem with online password managers is that you are reliant on them being secure, available all the time etc.

If they go down, you can't login!

With a local or mirrored password vault (to OneDrive etc.) you will always be able to login