Currently I use Lastpass, but whilst its so convenient having all your passwords in the one place, if its compromised then its, rather not think about the annoyance of that.
What’s the /e/ community suggestion and for /e/ users what do you use that’s open source / floss that works well?
I use KeePassXC. It’s very conveniently cross-platform friendly (I use my NextCloud site to keep the files synced across PCs, laptops and phones).
I’ve also seen many (, many) recommendations for BitWarden. I evaluated it a few months back – clever idea at its core, and apparently well-implemented, but it didn’t impress me enough to switch.
Thanks for the recommendations. My reason for looking for an alternative to Lastpass is that the Lastpass app is rated 0 in privacy in the /e/ app store. Crazy when you consider that Google Chrome app is rated 5.
I use LessPass. It’s not a password manager in the way it does not saves and cross-platform synchronise. Though, it’s a convenient way to have highly complicated passwords easy to access with nothing on the cloud.
I have the feeling that the security score does not mean anything: it seems like they base the score solely on the permissions declared in the app manifest and the “trackers” libs they embark. From what I’ve seen in their analyses result, lots of trackers are just crash report libs.
But to answer your question KeePassXC is a must have: it’s light, sturdy and do perfectly the work (and as other said you can pair it with nextcloud or other sync services to have your encrypted vault synced on multiple device), but I don’t think it has any in-app or browers autofill features like the commercial password managers have.
KeePass2android rate 5 in Privacy. Bitwarden rates 3.
It’s better than Lastpass that has a 0 rating but it doesn’t make me ready to switch.
Also, they are not in F-Droid / not open-source?
KeePass2Android is not on F-droid but is open source and has no trackers. Feel free to audit the code. Reason why it’s not on F-Droid’s official repository: “It’s a Xamarin app, and would need an F-Droid team member with Xamarin experience to build…”
KeePass2Android has currently no privacy rating on the apps store. Only its offline variant with a 6.0 score as it asks for more permissions than Keepass DX.
You can import databases from Dropbox, Google Drive, OneDrive, SFTP, FTP, Webdav, Owncloud, Nextcloud (so e.drive should be ok) and Pcloud.
Should you store such crucial stuff in the cloud, make sure to have a great database master password and a keyfile (not stored in the cloud) on the devices you want to use the database on.