• isdfoa@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    1 year ago

    I use Chrome password manager. Is there any difference to this vs. Bitwarden or other services? Chrome is super convenient since it suggests passwords in browser while signing up and auto-inputs them to apps/websites cross platform. And also integrates with GBoard to quickly search password to copy into a field.

    Not sure if Bitwarden has any additional features other than the benefit of not keeping all my info with Google. Or if it’s less convenient and I have to go into the Bitwarden app or something everytime to look up or generate passwords?

    • beeb@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      edit-2
      1 year ago

      The passwords store on Google chrome is not encrypted in a way that makes it hard to steal your credentials. The encryption key is stored on your file system alongside it in plain text. There are generally much fewer concerns for security in browser password managers than in standalone solutions. The standalone password managers also allow you to enter credentials into apps on your phone or desktop even if login doesn’t happen in a Web view. Usually they also allow to store much more data besides passwords (passports, encryption keys, secret text documents or pdfs, credit card information, …). I use 1password and they have very good integration I the browser and os through their extensions and apps. It’s not less convenient than chrome’s own solution.

      • isdfoa@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Good to know, thanks! I wasn’t aware passwords on chrome are not encrypted.

        I’ll have to take a look into cost of 1password and Bitwarden, and see if any of them have password import features from Chrome to make the switch easy

        • Swarfega@lemm.ee
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          I can’t comment on 1password but Bitwarden has a free version.

          KeePass is also a very good password manager but isn’t stored online. It’s a standalone application. I used KeePass for years but switched to Bitwarden last year for my online passwords.

          • MrPozor@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            You can sync KeePass files automatically between devices using plugins. Takes time to set up at first but afterwards you have the best of both worlds completely for free.

            • Swarfega@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I used to sync using triggers over OneDrive. A while ago now, but they updated the application to handle synchronisation better and it’s pretty much baked in. KeePassXC is even better in that it can reload your database the second it detects changes.

              I really do like KeePass, it features one thing many other (any?) applications don’t offer and that’s auto-typing your credentials into applications. For this reason alone I still use KeePass heavily at my workplace.

        • beeb@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          You might find this interesting on a technical level: https://www.youtube.com/watch?v=CIOsemj3kl4

          Regarding import from chrome, here is the article for 1password https://support.1password.com/import-chrome/

          The cost is not free but if you’re comfortable with having anyone but you handle your (encrypted) data I think they are a good option. Like others said, Bitwarden is another popular alternative which you can also self-host if that’s your thing (either through their official server or through the alternative vaultwarden open-source project).

        • tsl@vlemmy.net
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I use Bitwarden and I definitely imported all my passwords from Chrome. There’s a guide somewhere on their website I believe.

      • lazyslacker@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I’m not aware of the details but my understanding has been that chrome used to store passwords unencrypted but now it does not.

        • beeb@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          They are indeed encrypted but the encryption key is stored in the user’s profile on disk, which defies the purpose.

      • Noughmad@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        The standalone password managers also allow you to enter credentials into apps on your phone or desktop even if login doesn’t happen in a Web view.

        This is possible with in-browser password managers too, at least with Firefox on Android, and I would be really surprised if it weren’t supported by Chrome as well.