Best site for single password access?

[Lucan Unlordly]

I'm forever forgetting passwords and am aware of secure single password sites. I had a free trial on one a year or so back and couldn't get my head around it?

Any suggestions?

 

[japancool]

I use LastPass with browser extensions.

 

[estwig]

Lastpass is an awesome app, been using it about two years now.

Pay the £30.00 or so a year for the full fat version, took a bit to get my head around it at first, it is very good.

 

[YasmeenLondon]

Self-hosted Bitwarden

 

[fisicx]

Maybe I'm missing something but my phone has Face ID and my browser remembers my passwords. Why do I need anything else?

 

[YasmeenLondon]

Maybe I'm missing something but my phone has Face ID and my browser remembers my passwords. Why do I need anything else?

Mainly for cross-platform support and the ability to share passwords/secure notes etc. within your organisation

 

[fisicx]

Mainly for cross-platform support and the ability to share passwords/secure notes etc. within your organisation

Neither of those I need. In any case why would you ever share a password with anyone? If someone needs access to something they should have their own account.

 

[YasmeenLondon]

Neither of those I need. In any case why would you ever share a password with anyone? If someone needs access to something they should have their own account.

Ok mate ... If you don't need them that's great for you, others do.

 

[YasmeenLondon]

why would you ever share a password with anyone? If someone needs access to something they should have their own account.

Password managers tend to favour organizations more than solo freelancers, for example, I create a vault for every company we work with, it allows the people working on the website to have all the license information and necessary passwords in one place, and also allows me to share those passwords with the website owners ina secure way, you might/probably do things differently but the whole point of this forum is that we share suggestions and learn from each other

 

[ctrlbrk]

and also allows me to share those passwords with the website owners ina secure way, you might/probably do things differently but the whole point of this forum is that we share suggestions and learn from each other

Obviously you could do with some security awareness.

 

[YasmeenLondon]

Obviously you could do with some security awareness.

Care to elaborate or are you happy with just criticising?

 

[fisicx]

...it allows the people working on the website to have all the license information and necessary passwords in one place, and also allows me to share those passwords with the website owners ina secure way...

You need to explain this a bit more as it's very confusing.

Are you suggesting everyone working on a website has a bitwarden vault and you share the same password across all developers? Why do you need to share a password with the site owner? Surely they have their own account to access the site with a password they generate themselves.

 

[ctrlbrk]

Care to elaborate or are you happy with just criticising?

Google Search

 

[YasmeenLondon]

You need to explain this a bit more as it's very confusing.

Are you suggesting everyone working on a website has a bitwarden vault and you share the same password across all developers? Why do you need to share a password with the site owner? Surely they have their own account to access the site with a password they generate themselves.

Respectfully, that’s not what I’m suggesting.

We developed SOP’s that allow different team members to work on the project at the same time in a consistent manner and security is paramount.

Every project has a vault which contains all the related licenses, passwords, secure notes etc, these entries are categorised based on who will be using them and when, every team member working on the project has access to that vault and only to the entries related to them, once the project is done, only the owner can access those entries, and when they choose to manage their website or transfer to a different agency, they can easily and securely access all entries related to their website.

 

[YasmeenLondon]

@ctrlbrk Yes, you shouldn't use shared accounts, where did I suggest otherwise?

 

[ctrlbrk]

and the ability to share passwords/secure notes etc. within your organisation

 

[YasmeenLondon]

@ctrlbrk

The ability to share passwords within your organization with designated people is not the same as a shared account.

 

[ctrlbrk]

@ctrlbrk

The ability to share passwords within your organization with designated people is not the same as a shared account.

What's the difference?

 

[Kerwin]

Bitwarden is great. I use it on all of my computer devices. Team it with a Yubikey, and you have a very secure way to store passwords.

 

[Lucan Unlordly]

Maybe I'm missing something but my phone has Face ID and my browser remembers my passwords. Why do I need anything else?

Chrome doesn't save every password, particularly for sensitive sites, bank etc., nor would I want it to.

For me, I have a home PC and a works one, a Tablet and a phone. If I change eg., a suppliers password on my work PC and need to access it from home, unless I've written it down or sent my self an email - both things I try to avoid for security reasons - I'm stuffed.
I get stuffed about 3 times a week most weeks

 

[fisicx]

I use Firefox and brave because neither spy on me. But they do sync everything across all devices. Which means if I login on my phone I’m also logged in on my laptop. Easy peasy.

 

[estwig]

Chrome doesn't save every password, particularly for sensitive sites, bank etc., nor would I want it to.

For me, I have a home PC and a works one, a Tablet and a phone. If I change eg., a suppliers password on my work PC and need to access it from home, unless I've written it down or sent my self an email - both things I try to avoid for security reasons - I'm stuffed.
I get stuffed about 3 times a week most weeks

Lastpass would solve that, it's one of the reasons I use it, it has full cross platform support. Combine it with 2FA via an authenticator app, you're solid.

 

[DontAsk]

Lastpass would solve that, it's one of the reasons I use it, it has full cross platform support. Combine it with 2FA via an authenticator app, you're solid.

LastPass Hacked: What You Need To Know About Password Manager Breach

LastPass says partial source code and technical information stolen during compromise. Here's what you need to know.

www.forbes.com

 

[DontAsk]

LastPass Hacked: What You Need To Know About Password Manager Breach

LastPass says partial source code and technical information stolen during compromise. Here's what you need to know.

www.forbes.com

They didn't get any data this time but other "bad" things have happened to password managers like shutting down or suddenly charging fees.

 

[estwig]

They didn't get any data this time but other "bad" things have happened to password managers like shutting down or suddenly charging fees.

There isn't a single device, app or organisation on this planet that hasn't been hacked in someway.

 

[Financial-Modeller]

I've been using LastPass for a few years and it works well for my needs. It wouldn't take payment at subscription renewal a few weeks ago and I switched to Bitwarden instead - which is also cheaper - and that seems good too.

LastPass has better features and integrates better, but costs more.

 

[KM-Tiger]

Only an anecdote but do be careful what you share with others.

A few years back I took on a new client and when I asked for server root passwords I was given a link to a lastpass share.

Unfortunately the client made a mistake and instead of sharing just a folder allowed me to see everything. Logons to bank accounts and so on.

It was a bit like seeing a nasty image - you cannot unsee it.

I advised the client to change all passwords, whether they did or not I do not know.

So do be careful please.

 

[fantheflames]

Lastpass is fantastic.

I use this to share passwords with my team and clients.

As others have said, it's perfect for full cross platform support.

Does anyone else use an alternative to Lastpass that's paid or free?

I'd be interested to hear.

 

[japancool]

Does anyone else use an alternative to Lastpass that's paid or free?

Our company switched from LastPass to PassPortal, but I still personally use LastPass.

 

[Onthebrightside]

@ctrlbrk

The ability to share passwords within your organization with designated people is not the same as a shared account.

So, YasmeenLondon is giving you an example of our company. We use 1Password, each person has a unique password and set of hoops they have to jump through to get access, but they then have the passwords and info for things like the phone account, tender portals, gas/elect etc., which means anyone of us can get into the online account to resolve issues, source information. No one can access that info unless they have been invited by the 1Password account holder and then they have to access it under their own created account and password.

This makes sense where you might have people working remotely or you employ a VA who might change from time to time. The information is securely there from the start of a handover, all you have to do is create a password for 1Password - bingo

 

[fantheflames]

Our company switched from LastPass to PassPortal, but I still personally use LastPass.

What was the reason why your company switched from LastPass to PassPortal?

 

[japancool]

What was the reason why your company switched from LastPass to PassPortal?

I have no idea - I wasn't involved in the decision.

Our FD does like changing stuff regularly though, usually with no notice.

 

[DontAsk]

There isn't a single device, app or organisation on this planet that hasn't been hacked in someway.

Rubbish.

 

[estwig]

Rubbish.

I'll give you that my kettle has never been hacked!

 

[HFE Signs]

Call me old fashioned but I'd much rather manage my own passwords

 

[japancool]

Call me old fashioned but I'd much rather manage my own passwords

You're old fashioned.

Seriously though, I don't even know what most of my passwords are, since I've auto-generated most of them, and they're all random. There's no way I could remember or manage them all myself.

 

[fantheflames]

You're old fashioned.

Nothing wrong with being old fashioned.

As long as it works, why change?

I value LastPass, but can see why others may not find it useful at all.

But that's because it's much easier for my type of business.

 

[japancool]

As long as it works, why change?

Well, as I see it, the only way you could manage your passwords yourself, given how many we have in this day and age, is to either use the same password for multiple accounts and sites, or note them down somewhere, both of which are security risks.

I used to do the former, until I had a scare where one of my account providers was hacked. I had to go round changing passwords on dozens of accounts to something unique and different. I couldn't possibly manage all of those without some kind of vault.

 

[DontAsk]

Well, as I see it, the only way you could manage your passwords yourself, given how many we have in this day and age, is to either use the same password for multiple accounts and sites, or note them down somewhere, both of which are security risks.

More rubbish!

I do not use the same password and I do not write them down.

I hash the URL in my head for any site that requires a password. The only people who knows the algorithm, which is also not written down anywhere are me and my wife

 

[japancool]

Yeah, well, normal people don't do that.