Then you can generate a password so big and complex, the site or app starts begging you to stop. At that moment, you can say “ur password system is weak.”
Careful with that. Sometimes a site will allow you to use some stupid long password when you sign up, but then it turns out that some other version of the site or an app for it on other platforms won’t accept a password that long!
It just says “wrong password” and you’ll be guessing at which random character did it cut the password. Luckily sometimes it’s just a stupid html verification form that can be disabled in the console and be submitted anyway.
My e-mail provider does this. I wanted to change my password to some 64 character long generated string. It accepted, but I could not log in after that. After a few tries, I found the reason and, after another few tries, also the limit at which it gets truncated: 16 characters! God, how I hate them for this…
It’s not a service you’re paying for. It is just a password manager.
Though tbh, I don’t know all of bitwardens spesific details.
It’s at least open source, but can you have your passwords stored anywhere other than their servers? What if the company changes path - can you just use another fork or are you stuck.
Bitwarden is self-hostable and foss, with some unofficial software already out there. Not much opportunity for the company to entrap customers if it went evil.
IMO, for most people it’s best to just send them to register at bitwarden. It’s less hassle so they might actually follow through, while being infinitely better than what they were doing before.
Or just use the built in password managers in chrome or Firefox. No need to pay for a password manager when they are free on the browsers most people already use
Browser-based password managers are terrible. I use multiple browsers regularly (Firefox, Chrome, Edge, Safari) and got sick of trying to keep them in sync with my “master” KeePass database, so I ended up exporting everything from them and dumping the exports into KeePass. Deleted everything from the browsers. It was a huge weight off my shoulders.
I changed the password autofill on both my work phone (iPhone) and personal phone (Pixel) to their respective KeePass variants. It’s much nicer.
Fair enough but both the chrome and Firefox password managers are cross platform and can be exported and imported supporting the ability to move away from them in the future should you choose. So for a first step from having insecure passwords to a password manager that gives strong passwords for someone who doesnt even want to rema strong password in the first place, they are good steps in the right direction. Don’t let perfect be the enemy of good.
Funnily enough, I almost said that to the keepass person. But there are some upsides. I’ve seen people find the separate extension ui easier because it doesn’t blend into browser settings.
I mean the post is about people who dont want to put in effort to remember a good password, the path of least resistance here is still a good one. It’s not like the built in password managers are bad. With Firefox you can import from chrome and I believe you can also export the passwords if you wanted to move away from Firefox anyways. It’s not like you are locked away for good.
Do yourself a favor and go to https://bitwarden.com/
Then you can generate a password so big and complex, the site or app starts begging you to stop. At that moment, you can say “ur password system is weak.”
Careful with that. Sometimes a site will allow you to use some stupid long password when you sign up, but then it turns out that some other version of the site or an app for it on other platforms won’t accept a password that long!
That’s okay, I just want to hear “it’s too big”
It just says “wrong password” and you’ll be guessing at which random character did it cut the password. Luckily sometimes it’s just a stupid html verification form that can be disabled in the console and be submitted anyway.
In my experience it always cuts off the characters at the end.
I mentioned lemmy passwords in the other reply. Guess how I found out
Or alternatively, it allows you to enter a password as long as you like, but on their end it gets truncated.
My e-mail provider does this. I wanted to change my password to some 64 character long generated string. It accepted, but I could not log in after that. After a few tries, I found the reason and, after another few tries, also the limit at which it gets truncated: 16 characters! God, how I hate them for this…
In lemmy, password length is capped to 60. Weak.
Almost, but KeepassDX is better 😎
KeePass and literally any of it’s derivatives. Not just DX.
I use Keepass2Android, KeePass XC, Keepassium, and the OG KeePass.
They are all solId.
Why?
It’s not a service you’re paying for. It is just a password manager.
Though tbh, I don’t know all of bitwardens spesific details.
It’s at least open source, but can you have your passwords stored anywhere other than their servers? What if the company changes path - can you just use another fork or are you stuck.
Bitwarden is self-hostable and foss, with some unofficial software already out there. Not much opportunity for the company to entrap customers if it went evil.
IMO, for most people it’s best to just send them to register at bitwarden. It’s less hassle so they might actually follow through, while being infinitely better than what they were doing before.
Thanks, I’ll look into it :)
Sadly they are putting ‘AI’ bullshit into it now: https://bitwarden.com/blog/bitwarden-mcp-server/
Can’t wait to have chatgpt post my passwords online
We’re not sure what system they use, but yeah. That was our thoughts too.
Arghh, why is every company thinking, that AI will make them valuable…
Yeah a definite nope, for what reason do I use bitwarden? So that exactly this doesn’t happen…
Anyway vaultwarden is what I’m using, much more performant and self-contained, compatible to bitwarden (but you need to host it, obviously)…
Yes but it’s opt in, not opt out, it’s not shoved down my throat unlike most other companies.
Or just use the built in password managers in chrome or Firefox. No need to pay for a password manager when they are free on the browsers most people already use
Browser-based password managers are terrible. I use multiple browsers regularly (Firefox, Chrome, Edge, Safari) and got sick of trying to keep them in sync with my “master” KeePass database, so I ended up exporting everything from them and dumping the exports into KeePass. Deleted everything from the browsers. It was a huge weight off my shoulders.
I changed the password autofill on both my work phone (iPhone) and personal phone (Pixel) to their respective KeePass variants. It’s much nicer.
I didn’t say anything about paying. It’s free in both meanings of the word.
It’s also cross-platform and -browser and better than builtin ones.
Fair enough but both the chrome and Firefox password managers are cross platform and can be exported and imported supporting the ability to move away from them in the future should you choose. So for a first step from having insecure passwords to a password manager that gives strong passwords for someone who doesnt even want to rema strong password in the first place, they are good steps in the right direction. Don’t let perfect be the enemy of good.
Funnily enough, I almost said that to the keepass person. But there are some upsides. I’ve seen people find the separate extension ui easier because it doesn’t blend into browser settings.
I wouldn’t recommend that. Bitwarden is free and works on any device, and doesn’t tie you to a browser. What if you want to switch browsers someday?
Same as wanting to switch password managers some day. Firefox has been the most consistent thing in my life.
That’s not really the same. But if it works for you, go for it.
I mean the post is about people who dont want to put in effort to remember a good password, the path of least resistance here is still a good one. It’s not like the built in password managers are bad. With Firefox you can import from chrome and I believe you can also export the passwords if you wanted to move away from Firefox anyways. It’s not like you are locked away for good.
I started with a browser password manager, and when I needed to change browsers it was an extreme pain in the ass to move everything.