These days there are plenty of password managers out there, all providing the same base promise: making you more secure by using a random password for each of the accounts you have. Obviously this has one caveat, where you have “all eggs in one basket”. If this account gets compromised, an attacker would have access to all of your credentials. Debating the pros and cons and what is best for the general population, though, is beyond the scope of this article. Let’s just say I’m firmly on the side of password managers, because alternatives suck.
Out of the available password managers, I really like and have used the following:
- LastPass
- Pass (pass)
- Enpass (with sync to OneDrive)
- Bitwarden
- 1Password
When password managers started becoming more and more popular, LastPass was pretty much THE player in this space, and it was also my first online/cloud password manager. With time, I grew tired of it. Polish just wasn’t there; extensions sucked, and the desktop app even more - in addition to that, the Linux app was non-existent. They also lost my confidence with the security issue they had at the time. In the end, I decided to abandon it in favor of GPG files managed by pass.
Pass is just a simple wrapper (shell script) around GPG files, and it has good integration with Git. Really simple, yet extremely powerful implementation. There were certain challenges with this tool, but nothing major. I managed to tackle almost all functionality I ever wanted, including syncing, using on mobile phone etc.
Although I really liked the approach of having an open format such as this, and I already have GPG keys to take care of, in the end I abandoned it for Enpass as I had to tackle the password needs of my family too, and it was easier for them to use a graphical program such as Enpass. In order to better support them I made a conscious decision to use Enpass for my own credentials as well.
Initially, I purchased the Lifetime edition of the software for each of the family members, and this is probably the last time I do so for reasons beyond the scope of this entry (TL;DR licensing changes suck, and there’s no real “lifetime” license).
The program itself is a bit of a 1Password clone when you first look at it. It does its job, supports syncing to many popular cloud providers such as Dropbox, OneDrive, Google Drive, WebDAV, Nextcloud, etc. and has nice desktop and mobile clients. The free version at the time had a restriction to use up to 10 or 20 (I don’t really remember) entries within the Vault.
Usage was clunky at times, especially when I wanted to share some credentials with them. I basically had to have one central Vault which would be configured in all clients - and then the question is how to authorize for syncing? Or, I was the central person that had all vaults configured in my client and then copied password entries to theirs. This also meant they had to have absolute trust in me since I had all of their credentials. This basically sucked, but we used it for some time and it was manageable. Not great, not terrible either.
Later on I started exploring Bitwarden as the next password manager replacement. It is a great password manager, with great features, but similarly to LastPass, it lacks certain polish. There are server-side implementations you can use to host your own Bitwarden server, which is certainly a bonus.
With Bitwarden, I didn’t go through the trouble of switching my family members to it, instead, I first evaluated it for myself. It was great, but as I said, it lacked certain features and polish. Switching password managers is always a hassle, and in order for me to make a decision to switch, I have to be amazed by the product. Bitwarden unfortunately was not amazing for me. I have used it for more than a year, and have had a premium personal plan, so I had some time to really evaluate it.
A few months later there was this campaign by 1Password where if you donated a certain amount to Let’s Encrypt, you got a certain percentage off the yearly plan. At the time, I was already using 1Password at my workplace and was pretty happy with it, but didn’t really consider it as a home-usage contender. So when I heard of this promotion, I jumped on the wagon, donated to Let’s Encrypt and got my promo code for 1Password. I immediately set it up for the whole family and made a migration to it.
To this day, I have nothing but praise for the 1Password folks. They have developed an amazing product which is very polished, very powerful, yet very simple to use.
I remember when I first heard of 1Password, they were oriented “MacOS first”, but these days they are developing clients for each major desktop, including Linux! And that client is not just some broken and hacked together thing, NO, it is a real piece of art, with proper desktop integration, CLI client, system authentication (fingerprint unlock etc.).
Since it is a paid service, it makes sense that you have the support available. And what a support that is… They made my day when I reported one bug regarding YubiKey authentication I had on Linux. Not only did they fix it within two or three days, but I received like 4-5 messages notifying me about the progress. Isn’t that amazing? In the end, they provided a fix, provided instructions and asked for feedback.
Nowadays, I’m still a happy 1Password camper. I use the family plan and my family loves it too. It is a bit more expensive than the alternatives, but it is also far better in the features it offers, simplicity, and the support for all of the major platforms.
So if you’re on the fence about which password manager you should use, or wondering if it’s worth the money, my answer is pretty loud and clear: Use 1Password! It is well worth it!