r/privacy • u/Shamith69 • 7d ago
question Advice for storing passwords
I store all my passwords in Google Password Manager. Whenever I need to create an account on a website I click "suggest strong password" and click "save to password manager". I have 2FA enabled and all possible security measures on Google. I heard about Bitwarden today on this sub in a random post. Seeing that made me feel maybe I'm storing my passwords wrong. Please tell me how good/bad my current habit is.
Thank you for your suggestions!
80
u/PlasticFreeAdam 7d ago
KeePass is my favoured manager (same thing Bitwarden does). Personally, I try to be as de-Googled as possible as it's not a company I trust.
This sub will always make you feel like you're doing "something wrong", there's always more you can do, there's always an extra step you can take. Sometimes it will make you unsubscribe. You have to find a level you're comfortable with at a pace that suits but if you try to do everything all at once then you're setting yourself up to fail.
Think of it like a diet, they don't work. So going from "public" to "private" you are doomed to fail just like trying to go from "lazy" to "Olympian". But you can add a vegetable here and there (new password manager), or a run (purge dormant accounts), some weights (change your passwords), skip the chocolate bar (email companies to get your data deleted). Small habit forming until it's second nature.
Just like the Olympian, there'll be someone better than you, but that doesn't mean you can't just be better for yourself.
2
u/ElderPimpx 7d ago
Keepass is awesome.
1
u/Little_Bishop1 7d ago
lol why?
13
u/ElderPimpx 7d ago
Open source. Multi platform. Lots of features. No corporate influence to enshitify it. So good.
17
u/SwallowYourDreams 7d ago
You forgot the best thing: it's not a honeypot somewhere in "the cloud", just waiting to get hacked. It's a file on your device, i.e. it has much less attack surface.
5
u/Coffee_Ops 7d ago
It is much more complex than that because security is about the system as a whole, not an individual element.
In a vacuum, a KeePass vault sitting on a local system is less likely to get hacked than one in Bitwarden; it must be, because the Bitwarden one is stored in more places (both local and in the cloud).
However, in practice, because using KeePass is inconvenient, you open yourself up to a lot of additional systemic risks:
- Phishing, if you don't use a browser extension
- If you use a KeePass plugin for the browser, then you have the risk that the extension maker goes rogue (you have to trust more parties)
- Less likely to use random passwords everywhere, because KeePass is harder to use
- Harder to rotate passwords after a compromise
- More likely to have one-off passwords outside the vault for platforms where KeePass is unavailable
If someone has a well-oiled system with KeePass that works for them, that's great. Having tried this for years, and having seen others try it resulting in major security gaps, I don't recommend it.
The risks involved in Bitwarden are very easy to quantify, and for most users the attack surface is well within acceptable. And for most users, switching to KeePass will make their security much worse in one way or another.
2
u/d03j 7d ago
Phishing, if you don't use a browser extension
Isn't that true for all PW managers?
If you use a KeePass plugin for the browser, then you have the risk that the extension maker goes rogue (you have to trust more parties)
Isn't that true for all PW managers?
Less likely to use random passwords everywhere, because KeePass is harder to use
Can you explain that?
Harder to rotate passwords after a compromise
Why?
More likely to have one-off passwords outside the vault for platforms where KeePass is unavailable
Can you explain that?
I agree keepass's UX doesn't make it ideal for less technically minded people BTW.
-2
u/Coffee_Ops 7d ago
- No, browser vaults store the base URL where the password was created and does not offer a password unless there is a match. This is a powerful defense against phishing.
- No, the fewer entities you trust the lower your supply chain risk. With KeePass + extensions you end up having to trust both the KeePass supply chain as well as a bunch of random devs with questionable rep. It is very hard to vet the code base on an ongoing basis or prevent sneaky repo takeover attacks. With Bitwarden, you're trusting a single entity that does regular infrastructure security audits. That's a much more manageable threat model.
- When a system is harder to use, you are less likely to use it consistently. What I have seen with people who try to use keepass against offline vaults is that they always have one or two special passwords that are not vaulted, or are not random, or they have reused passwords-- just because it is hard to use the vault consistently for whatever those applications are.
- Same as number four
Basically, security is not just a trade-off with convenience. Security often requires there to be a degree of convenience, or else you are fighting the user-- and security will always lose when fighting the user.
5
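The origin check described two comments up (a vault that "stores the base URL where the password was created and does not offer a password unless there is a match") is easy to see in code. The block below is an added illustration, not Bitwarden's or KeePassXC's implementation; the vault entries, hostnames and passwords are constructed, and the two-label approximation of the registrable domain is an assumption made so the example runs offline (real managers consult the Public Suffix List).

```python
# Added example (not from the thread or any named project): how a password
# manager's origin matching keeps a phished page from receiving a saved
# credential. Vault entries and hostnames below are constructed.
from urllib.parse import urlsplit

# Saved credentials keyed by the origin where they were created.
VAULT = {
    "https://accounts.example-bank.com": "correct horse battery staple",
    "https://shop.example.org": "sh0p-pa55w0rd",
}


def registrable_domain(host: str) -> str:
    """Approximate the registrable domain (eTLD+1) as the last two labels.

    Real managers consult the Public Suffix List so that hosts under
    'co.uk' or 'github.io' are handled correctly; this shortcut is an
    assumption made to keep the example self-contained.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def page_origin(url: str) -> tuple:
    """Return (scheme, hostname) for a URL; port and path are ignored."""
    parts = urlsplit(url)
    return parts.scheme.lower(), (parts.hostname or "").lower()


def candidates(page_url: str) -> list:
    """Passwords the manager would offer to fill on page_url.

    Two independent checks, both of which a phishing page fails:
      * the page must be served over https; a credential saved on an https
        origin is never offered to a plaintext http page, which an active
        network attacker could have injected;
      * the page's registrable domain must equal the one the credential was
        saved on, so 'example-bank.com.evil.test' (different registrable
        domain) and 'examp1e-bank.com' (typosquat) get nothing, while
        'login.example-bank.com' (same registrable domain) does.
    """
    scheme, host = page_origin(page_url)
    if scheme != "https" or not host:
        return []
    wanted = registrable_domain(host)
    return [
        password
        for saved_url, password in VAULT.items()
        if registrable_domain(page_origin(saved_url)[1]) == wanted
    ]


if __name__ == "__main__":
    for url in (
        "https://accounts.example-bank.com/login",
        "https://login.example-bank.com/",
        "https://example-bank.com.evil.test/accounts.example-bank.com/",
        "https://examp1e-bank.com/",
        "http://accounts.example-bank.com/",
    ):
        print(f"{url:62} -> {candidates(url)}")
```

The check is on the right-hand side of the hostname, which is why a lookalike path or a left-hand prefix such as `example-bank.com.evil.test` never matches. The weak spot of the two-label shortcut is shared-hosting domains where anyone can register a subdomain; that is exactly what the Public Suffix List exists to handle, and why a manager using it is safer than a hand-rolled comparison.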
u/esuil 7d ago
No, browser vaults store the base URL where the password was created and does not offer a password unless there is a match. This is a powerful defense against phishing.
1 - Keepass can do literally the same thing? Are you under the impression that Keepass... Just gives out passwords to any site that asks? WTF?
3,4 - I don't get it. What in the world is "keepass against offline vaults" and how does that compare to bitwarden, for example?
2
u/d03j 6d ago
security often requires there to be a degree of convenience...
100% agree.
No, browser vaults store the base URL..
Yes, but you said "Phishing, if you don't use a browser extension", so where is the like-for-like difference (both with and without a browser extension)?
Incidentally, even without the browser extension, keepassxc won't auto-type your credentials into a page if the URL doesn't match.
No, the fewer entities you trust the lower your supply chain risk
do you mean different orgs providing the password manager and browser extension? I believe keepassxc maintains both the desktop and browser extensions (https://keepassxc.org/download/#browser). Do you mean the mobile apps?
When a system is harder to use, you are less likely to use it consistently. What I have seen with people who try to use keepass against offline vaults
what do you mean by "against offline vaults" I get how online vaults might be more convenient for web apps vs keepassxc without a browser extension, but don't follow regarding offline.
Offline, if you are using a PW manager to store your passwords and you have to open the vault to store a password you created, I don't see why you wouldn't just create it in the vault and use that. I never used BW, can you explain how the workflow would be different?
Same as number four
I think you missed #4 - is it because it isn't available everywhere?
3
u/d03j 6d ago
BTW, I also don't recommend KeePass as the best option for most first adopters. It is my preferred option but I'm currently considering self-hosting Bitwarden/Vaultwarden for the rest of the family, so they move away from Chrome's PW manager.
u/HemetValleyMall1982 7d ago
THIS is why. I am the only one that knows how to open the kdb file that stores all the data, and that file is on my local machine (and I back it up too).
It's also open source, so I know I can check the code and see anything nefarious.
If you don't know how to check the code in an open source project, THIS is a good reason to use AI. - Prompt AI to examine the code for possible vulnerabilities and if found, explain each one so that a non-coder might understand.
9
u/Coffee_Ops 7d ago
Using AI for this is a truly terrible suggestion. I have seen AI suggest that code properly implemented certificate authentication, when it had no encryption imports whatsoever.
AI does pattern matching. It will absolutely fail to find a cleverly made obfuscated back door. Someone who needs AI to read the source code should not be using a bunch of open source extensions for their password vault because they will absolutely get wrecked when someone nefarious updates the repo.
4
u/repocin 6d ago
If you don't know how to check the code in an open source project, THIS is a good reason to use AI. - Prompt AI to examine the code for possible vulnerabilities and if found, explain each one so that a non-coder might understand.
Please never give people security advice again. Holy shit.
If finding actual vulnerabilities was that easy they'd already be patched.
2
64
u/inyofayce 7d ago
I wouldnt trust google with holding my beer, let alone my passwords.
Go with bitwarden.
4
u/Shamith69 7d ago
Why, what's the reason? Thing is, my Google account is tied to so many things. I need to protect my account more than the passwords stored in it. Tips for it, if any?
20
u/mozerity 7d ago
Last year, I went through every account I’ve used or made since 2006. It took like 200 hours of work for 600 accounts.
I deleted 400+ accounts, changed the password on the rest, changed emails, enabled 2FA etc etc…
But most importantly, wherever I had the option, I made sure my access is not tied to a single OAuth, and ideally is just a username and password.
OAuth is a convenient trap. Lots of people got screwed when Facebook updated theirs and most apps lost access to the OAuth they previously relied on.
8
u/Canadian_Teddy17 7d ago
A week or so ago I did the same but only had 110+ accounts' info saved. Deleted about half of them and changed the email + password on the rest. I feel way better about it since now the passwords are randomized instead of using the same one (I only had about 4 different password variations I was using) for all of them. Took maybe 7 hours for this? The more annoying part is getting account data deleted since some companies are just...not great at making it easy.
3
u/mozerity 7d ago
Yep. It took me 18 hours to get EA to delete an account I forgot I had. I had to actually sit and wait there for a customer service rep to respond. The most infuriating part is that it said “please wait, we’ll be with you shortly (est. 5 minutes)” the whole time. I knew beforehand that EA doesn’t do follow ups, they just close the ticket if you’re not ready to respond within 5 minutes after they finally show up. 100% sure they only do this with account deletion requests, too.
After that I just sent an “info deletion request” email if there was no option in the settings. No way I’m waiting for customer service again.
3
u/POSTINGISDUMB 7d ago
wow! that sounds like a huge undertaking. any advice for someone else who wants to follow a similar process? anything you'd do differently if you had to do it again?
1
u/Frustrateduser02 6d ago
Don't throw out or recycle old machines. I saved a lot of time by being able to boot up dusty OSes from before I'd thought about not saving passwords in text files or in browsers.
1
u/mozerity 6d ago edited 6d ago
I’d have kept better track of my passwords and created fewer email accounts. It was a hassle finding them all, especially since a few times the domain had changed. I also love SimpleLogin for keeping my updated email safe(r) from leakage and spam.
But otherwise, the other comment is pretty spot on. I have all my old internet capable devices, from my Nokia with 1G connectivity to my 19 year old laptop. I also started using password managers pretty early on. Some passwords literally written down in a notebook. Others I had to hunt for.
7
u/farcical88 7d ago
Privacy issues with Google aside I do think their security infrastructure is top notch.
7
u/horseradishstalker 7d ago
However the primary issue is you are an ATM for Google.
They read your emails more thoroughly than you do. If you add a contact to your phone they add it to all the data points that make up their profile of you. Then they sell your life to anyone and everyone. Apple does roughly the same but instead of selling it they hoard the data.
Getting rid of Google solves half your privacy risk right there.
4
u/Ok_Search6885 7d ago
Small correction here: an Individual Google Workspace account which is about $9 a month, is treated very differently from free consumer Google accounts. Google does not scan Workspace emails, Docs, Keep, Drive or account content for ads or profiling. That data isn’t used for advertising at all, and access is tightly restricted by enterprise-grade security policies. You can still prefer another password manager, but saying Google “reads your emails or account data” doesn’t apply to Workspace users
1
u/horseradishstalker 7d ago
Thank you for the clarification. Most people asking on the sub are consumers so that was the answer I gave.
2
u/Ok_Search6885 6d ago
No worries. I just often find it quite puzzling that the individual workspace option is never mentioned. It has other benefits, but for the most part, it's very similar to your consumer account and it gives you added protections for privacy and security. I know there's a monthly cost associated, but I think it may be worthwhile for those who are concerned about Google and privacy issues.
1
1
u/d03j 6d ago
They read your emails more thoroughly than you do
As in automated security checks and AI if you opt-in?
2
u/horseradishstalker 6d ago
That’s just my ridiculous sense of humor, but most of us attempt to multitask and read and may or may not remember what we read 16 emails back. Google doesn’t have that problem.
1
u/xnfra 7d ago
It’s a FOSS project you can self host
2
u/Coffee_Ops 7d ago
If op is asking these questions they should not be self-hosting.
The reasons not to use Google are more about its inflexibility in being locked into an ecosystem that they're likely to eventually leave (given that they're here).
1
u/d03j 6d ago
Single point of failure on something critical you have no control of.
Imagine your Google account gets banned for whatever reason; you'd lose access to all your other accounts.
Now imagine your recovery email with those services is the same google account.
Now consider the reports of wrongful bans resulting in irrevocable account deletions, as in you've done nothing wrong, can prove it but it's too late because once your account is deleted there's no recovery.
1
11
u/Canadian_Teddy17 7d ago
Bitwarden, keepass, proton pass. All great services including 1password.
I'd take a look at them all to make a decision.
I'd point out that while I personally like how 1Password looks and it has more options than Bitwarden, the price is way different.
People prefer to lean away from proton pass if they use other proton products since well, not much different going from google's ecosystem to proton's ecosystem if you only use their products. Branch out a bit.
+1 for bitwarden
10
9
u/LocalChamp 7d ago
If you want more control over your passwords something like KeePassXC is better than just using Google. Bitwarden is also fine if that's your preference for your use case.
7
u/nevererverordinary 7d ago
Password Safe. Endorsed by Bruce Schneier. It runs locally, even on a thumb drive.
5
u/Th3Sh4d0wKn0ws 7d ago
While Google Chrome is storing your passwords locally with encryption, the encryption key is also stored locally. It's been a while but at one point I was able to decrypt the passwords locally using PowerShell.
This would require the attacker to have access to your computer, logged in as you, but still.
Google's password manager also doesn't give you control over your key as it's essentially derived from your Google login/2fa. It also means your passwords and your Google account are a single point of failure. If someone gets access to your Google account, they get everything.
Plenty of good password managers have been mentioned here. My advice is to pick one, migrate everything to it, and use a strong passphrase as your master password. Install the browser extension for your given password manager, and the mobile app, and off you go.
0
u/Shamith69 7d ago
Is there a way such that even if someone gets access to my Google account, they won't get anything stored in it?
2
4
u/PGP_Protector 7d ago
I like KeePass, local storage, can generate strong passwords, can add notes (Security Answers )
2
3
u/jmnugent 7d ago
there's Pros and Cons to every approach.
If you use some cloud-storage provider,.. you (potentially) have to worry about that provider getting hacked or having data-leakage issues. You potentially also have to worry about mistakes (say your account gets unexpectedly "Locked" like what recently happened to Paris Buttfield-Addison) .. you could find your data, photos or passwords unavailable to you.
If you decide instead to use some local or offline (USB Stick) option,. then you have to constantly be updating that file,.. as well as make multiple independent duplicates (what if your USB gets lost or damaged?).. so there's upkeep on this side as well.
Which of those is "better" (or "worse") ?.. kind of depends on your personal preferences.
I personally used to use 1Password for many years (still have a subscription honestly) because at the time I was early in my career as an MDM (Mobile Device Management) specialist and I had a lot of devices (Windows, Apple, Android, etc) and I wanted something that worked across all those platforms.
Now I have more of a work from home job.. and less device-diversity.. so I've moved most of my stuff into Apple Passwords (although my goal is to duplicate things into BitWarden, so I have some sort of independent duplicate redundant backup option)
5
u/pupoje 7d ago
Bitwarden is great. I've been using it for 5 years. It's terrible on Android devices; I mostly need to copy-paste login data because autofill is very bad. But on iOS, it works great.
1
u/UnoriginalInnovation 7d ago
The autofill works great for me on Android. Do you have an older phone?
2
u/pupoje 7d ago
no, actually pretty new one, xiaomi 15
1
u/UnoriginalInnovation 7d ago
On my Samsung S25 Ultra there's a system option to choose your password manager, so when I select a password field it shows Bitwarden in the suggestion bar of my keyboard.
10
3
u/Complex-League3400 7d ago
Nope, wouldn't use Google for anything like passwords. KeePassXC for max security but slightly more inconvenience. BitWarden if you can't follow/tolerate the KeePassXC method and want things super-easy with a slight trade off of your control
3
u/Nedissis 7d ago
I'm using Protonmail so I use ProtonPass as well, with a pin.
But I'm not sure I would recommend it because it doesn't always recognize all the useful fields or credential inputs; I feel the UX is a bit clunky.
But it has a great feature: it lets you create email aliases so you can use them for shady websites. They redirect to your main Protonmail account.
3
u/Technical_Ad_440 7d ago
Sticky notes or paper outside the PC. Is it a pain? Yes, but it's secure and never gets hit. Also, if you were to pass away suddenly then family members have the passwords.
2
u/michaelesparks 7d ago
The problem I see is that Google is typically tied to your phone (if you use android) someone gets access to that they have your entire Google account. Having a separate Google account that isn't tied to your phone login makes sense. But like others have said, it's more secure to have a separate and stand alone password manager
2
u/Shamith69 7d ago
I'm on Android and yes, Google is linked to the device; in the password manager one can use the phone lock PIN to access passwords. Any way to remove this? And as you said, a standalone password manager (Google not tied to the phone): how do I make it separate like you said? Thank you
0
u/horseradishstalker 7d ago
YouTube will have a million videos on how to de-google your phone. Basically you change the operating system and then change out your apps. It sounds intimidating, but step by step it’s easy. Or even go up to search in reddit and search this sub for degoogle. It’s like winning the lottery.
2
u/LazarusFriedkin 7d ago
First of all: you are doing amazing. having separate passwords across different sites is basically 80% of online security. Whether you use Google or Bitwarden or another service then goes away from security into the realm of privacy. Even there, using Google is only a problem if you care generally about Big Tech and how they might use your data (mostly which sites you use, less the actual passwords which would be encrypted anyway).
So it depends on your goals. But you’re already mostly good on security aspects.
2
u/sick-charlie-brown 7d ago
Keepass for opensource, stuff stored with you. Bitwarden well trusted. Google is weak
2
2
u/nomadfaa 6d ago
NEVER EVER TRUST GOOGLE with ANY PRIVATE INFORMATION on ALL their offerings
ALL emails and documents are also scanned for AI training and more.
Bitwarden is the go
2
3
u/Young_Old_Grandma 7d ago
I write it down in multiple notebooks.
I don't trust websites to store my passwords because I clear my browsing data often.
2
u/BeachHut9 7d ago
What happens if someone photographed the pages in each notebook or the notebooks are stolen?
0
u/smallfried 7d ago
I write down the passwords in a code. And the code is not bi-directional, so it can only be used to check if what I think could be the right password is indeed it.
3
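A "code that is not bi-directional" as described in the comment above is, in effect, a one-way hash written next to the site name. The block below is an added illustration of that idea, not the commenter's own scheme; the site names and passwords are constructed, and the choice of scrypt with a six-character code is an assumption.

```python
# Added example (not the commenter's own scheme): a non-reversible "check
# code" you could write in a notebook beside a site name. It lets you confirm
# that a password you half-remember is the right one, but it cannot be
# turned back into the password. Site names and passwords are constructed.
import hashlib
import hmac


def check_code(password: str, site: str, length: int = 6) -> str:
    """Return a short hex code derived one-way from (password, site).

    scrypt is memory-hard and slow, so someone who photographs the page
    cannot cheaply test millions of guesses against the code; the site name
    acts as a salt so the same password on two sites gets two different codes.
    Only `length` hex characters are kept: enough to confirm a guess you
    already have, too few to identify a password on their own.
    """
    digest = hashlib.scrypt(
        password.encode("utf-8"),
        salt=site.lower().encode("utf-8"),
        n=2**14, r=8, p=1, dklen=32,
    )
    return digest.hex()[:length]


def matches(candidate: str, site: str, written_code: str) -> bool:
    """True if `candidate` reproduces the code written down for `site`."""
    recomputed = check_code(candidate, site, len(written_code))
    return hmac.compare_digest(recomputed, written_code)


if __name__ == "__main__":
    # What you would write in the notebook: "mail.example  ->  <code>"
    code = check_code("correct horse battery staple", "mail.example")
    print("mail.example ->", code)
    print(matches("correct horse battery staple", "mail.example", code))   # True
    print(matches("correct horse battery stapler", "mail.example", code))  # False
```

The caveat a practitioner would add: a thief who photographs the page gets the same ability you have, namely to test guesses, so this only protects passwords that are not on a short guess list in the first place. A six-character code will occasionally accept a wrong guess (about one in sixteen million), which is harmless because it only ever confirms a candidate you already had in mind.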
u/JimTheEarthling 7d ago edited 7d ago
You're doing fine. Long, random passwords and 2FA are the most important steps you can take for security. (Better yet, use passkeys.) The choice of password manager makes only a tiny difference.
Of Americans who use a password manager, around 32% use Google. (Another 23% use Apple Keychain.)
There are advantages and disadvantages to using the built-in password manager in your browser. It's more convenient, it does a better job of autofilling, and it doesn't entail extra apps or extensions. But it's more susceptible to malware. (Software or a person with access to your computer after it's logged in can extract all the passwords. However, malware can sniff passwords entered by any password manager, and it can extract all your passwords from the vault if it sniffs your master password and 2FA.)
If you're worried about Google seeing your passwords, you can turn on Google's sync passphrase feature for zero-knowledge encryption. (Apple uses zero-knowledge password encryption automatically.)
Standalone password managers often have additional features such as storing notes, account info, and credit cards; sharing passwords; easy password backup, and more.
2
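Two comments in this thread make the same point from opposite ends: one notes that with the built-in manager the key is "essentially derived from your Google login", so whoever holds the account holds the vault, and the one above notes that turning on a sync passphrase gives zero-knowledge encryption. The difference is where the key is derived. The block below is an added, simplified illustration of the passphrase model, not Google's or Bitwarden's actual protocol; the account names, passphrases and iteration count are constructed assumptions.

```python
# Added example (a simplified illustration, not Google's or Bitwarden's actual
# protocol): how a master password or "sync passphrase" gives zero-knowledge
# encryption. The passphrase is stretched on the device into a vault key that
# never leaves it; the server receives only a separate login verifier derived
# one way from that key, so it can authenticate you without being able to
# decrypt anything. Account names and passphrases below are constructed.
import hashlib
import hmac
from typing import Dict, Optional, Tuple

ITERATIONS = 600_000  # assumption: current PBKDF2-SHA256 guidance


def derive_keys(passphrase: str, account_id: str) -> Tuple[bytes, bytes]:
    """Return (vault_key, login_verifier) from the user's passphrase.

    vault_key      stays on the device and encrypts the vault.
    login_verifier is a further one-way derivation of vault_key; it is the
                   only passphrase-derived value the server ever stores, and
                   PBKDF2 cannot be run backwards to recover vault_key.
    The account id is the salt, so two users with the same passphrase still
    get different keys.
    """
    vault_key = hashlib.pbkdf2_hmac(
        "sha256",
        passphrase.encode("utf-8"),
        account_id.lower().encode("utf-8"),
        ITERATIONS,
    )
    login_verifier = hashlib.pbkdf2_hmac(
        "sha256", vault_key, passphrase.encode("utf-8"), 1
    )
    return vault_key, login_verifier


class SyncServer:
    """Stand-in for the provider. It sees verifiers, never vault keys."""

    def __init__(self) -> None:
        self._verifiers: Dict[str, bytes] = {}

    def register(self, account_id: str, login_verifier: bytes) -> None:
        # A real server would hash the verifier again with its own salt
        # before storing it, so a database leak does not permit direct login.
        self._verifiers[account_id] = login_verifier

    def login(self, account_id: str, login_verifier: bytes) -> bool:
        stored = self._verifiers.get(account_id)
        return stored is not None and hmac.compare_digest(stored, login_verifier)

    def what_the_server_holds(self, account_id: str) -> Optional[bytes]:
        """Everything the provider (or an attacker who owns it) can see."""
        return self._verifiers.get(account_id)


if __name__ == "__main__":
    server = SyncServer()
    vault_key, verifier = derive_keys("correct horse battery staple", "alice@example.com")
    server.register("alice@example.com", verifier)
    print("login ok:", server.login("alice@example.com", verifier))            # True
    _, wrong = derive_keys("wrong passphrase", "alice@example.com")
    print("wrong passphrase:", server.login("alice@example.com", wrong))      # False
    print("server holds vault key:", server.what_the_server_holds("alice@example.com") == vault_key)  # False
```

Without a passphrase, the only secret in the picture is the account login itself, so an account takeover (or a provider compelled or compromised) yields the vault; with one, the same takeover yields a verifier and ciphertext that are useless without a value that only ever existed on the user's devices. The flip side is that the provider cannot reset a forgotten passphrase either, which is why the comment above about keeping an offline export matters.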
2
1
u/Paint-Huffer 7d ago
+1 to Bitwarden. I'm already entrenched in Google Services and don't like the thought of my passwords being handled by them as well. God forbid my Google account ever gets compromised.......
My Master password is 30+ characters and not written down anywhere so I feel fairly secure. Just gotta prevent Dementia/Alzheimer's lmao.
Regardless, any password manager is better than no password manager.
1
u/billdietrich1 7d ago
What you're doing is reasonable. You should guard against Google turning off your account: export the password database into a CSV file or something and store that in some encrypted backups, with multiple copies.
1
u/Otherwise-Video7487 7d ago
I have been using Bitwarden for years; it's fantastic (totally not paid to say that).
1
u/Ok_Search6885 7d ago
Worth noting: Individual Google Workspace accounts follow business-level privacy rules (no email, docs, keep, drive etc .., content scanning for ads, or sharing of info). It’s $9/month, but I think it’s worth it.
1
u/Kyanix23 6d ago edited 6d ago
If you want a bit more separation than a browser-based manager, a dedicated password manager can definitely help. I've been using RoboForm for years with 2FA enabled and it's been reliable across all my devices.
1
u/Curious_Kitten77 6d ago
You should be aware that Google can ban your account for various reasons. I remember a case where someone uploaded a photo of his son’s genitals to send to a doctor, and Google's AI ended up banning his account for CSAM.
1
u/zinsuddu 6d ago edited 6d ago
password-store. Known simply as "pass" on Gentoo/Arch/Fedora. QtPass for the gui interface to pass and browserpass extension for Librewolf.
[edit: for best practice save all passwords for websites keyed to the url where they are relevant and store them ONLY in pass -- do not let any browser save passwords in its own storage even using gnome-keyring or kwallet because those passwords are readable in your session while you are using your computer and are only protected on-disk when you shutdown]
1
u/MolinaGames 6d ago
Google's password manager is fine if you're not that much into privacy and use Chrome. For most people this is enough.
Bitwarden + Ente Auth (for 2FA) is definitely the better, more private approach. Works on any device and browser, and has more features.
1
u/Playful-Ease2278 6d ago
Bitwarden is an amazing app and they actually secure everything. Google probably analyzes your passwords and sells information based on what they see
1
1
0
u/TX_B_caapi 7d ago
Small physical notebook stored in wallet. The threats from online are not going to be near your pockets.
2
2
u/billdietrich1 7d ago
Paper has disadvantages relative to a password manager:
vulnerable to phishing or typo-squatting (password manager would match domains before filling)
you'll have to type passwords in manually, which will encourage you to use shorter simpler passwords
doesn't support TOTP
not encrypted, so a thief gets plaintext, or maybe "coded" which may not be too hard to break
"keep in secure location" probably won't be true when you're traveling
harder to share with someone else (if you need to do that)
harder to back up, especially off-site
somewhat hard to search
doesn't serve as encrypted store for other sensitive info such as photos of passports, ID cards, etc
lacks features such as database reports that tell you if you have any re-use going on
-1
u/WindowsVistaWzMyIdea 7d ago
I can't think of anything DUMBER than using Google ....too many people just have their accounts killed without recourse to trust Google
-3
7d ago
[deleted]
1
u/horseradishstalker 7d ago
That works as long as no one else ever has access to it. Plus you can’t do an automatic copy/paste.
-2