KeePass2 as a password manager. Less convenient than online, but so much safer. There's also Kee, a browser extension that connects to the database locally and autofills passwords on sites.
KeePassXC
What are the advantages over saving the passwords directly in the browser, or using a paid service?
I would say your attack surface area is reduced. LastPass and Bitwarden are huge targets for state-sponsored cyber attacks.
Also no lock-in. I use the same password db with multiple browsers simultaneously.
There is no paid tier; all features are available, storing SSH keys for example.
I use my db to store all sorts of information, not just passwords. For example, I need to manage heaps of physical keys. I stamp them with a serial like k23 and store details about the key in my db.
KeePassXC also does TOTP. Some aren't into that, which is fine, but I don't see any benefit in using a separate app.
If stored in a browser, your passwords become very obvious targets for stealer malware (the stuff that does account takeovers). Using KeePass or other similar software won't make it impossible for malware to get them, but the likelihood malware will target it is significantly lower.
Paid services put your passwords in the hands of the service. In the case of a data breach (see LastPass), all your passwords will get out.
Note: Password manager services should encrypt your data such that a data breach does not instantly pwn every single account of every single customer. However it is not possible for you as the customer to know until they get breached.
Note 2: When storing your passwords in the browser, they may also end up stored in Google or Mozilla’s (and so on) servers, resulting in the worst of both worlds for security: Passwords are in a well-known location on your PC and a well-known location on the internet.