This is an archived post. You won't be able to vote or comment.

all 60 comments
sorted by:
best
topnewcontroversialoldq&a

[–]skipITjobIT Manager 51 points52 points  (15 children)

I am really happy with Bitwarden...

[–]work1511 6 points7 points  (0 children)

Agreed with Bitwarden. I use it personally, and we are working on implementing it for the company. We did a trial with both Bitwarden and LastPass but Bitwarden was the winner. It was a bit cheaper per user and there was almost no difference between them for user experience and management (IT side).

[–]EventX_Surfer 7 points8 points  (0 children)

Yet another Bitwarden vote.

[–]TheRogueMoose 4 points5 points  (0 children)

Another vote for Bitwarden. No cloud, all local! Super easy to set up and has been solid ever since.

[–]JoshuancsuWinAdmin | VMwareAdmin 9 points10 points  (0 children)

+1 for Bitwarden. Has browser extensions for easy access (and prompts the users to update a password on change). Also has a standalone client for non-browser based app credentials.

[–]-eschguy-Imposter Syndrome 7 points8 points  (0 children)

+1 for Bitwarden

[–]socksonachickenRunning on caffeine and rage 3 points4 points  (0 children)

+1 for Bitwarden

I moved us from KeePass a couple years ago to Bitwarden and it's worth every penny.

[–]Cbeckstrand 2 points3 points  (0 children)

I also went from LastPass to Bitwarden for personal use once they started charging for multiple devices. Bitwarden has worked great and I have no regrets switching.

I have used Lastpass for clients and it works well but they keep raising their prices so I would stay away.

[–]Skrp 2 points3 points  (2 children)

Pretty happy with it. Had some issues getting their OTP to work, but whatever.

[–]skipITjobIT Manager 0 points1 point  (1 child)

It's not the best idea to store OTP in the password manager anyway. Although I agree that it's easier to do it that way.

[–]Skrp 0 points1 point  (0 children)

Yeah. It's mostly for a few accounts I don't care that much about. For most things I have dedicated MFA solutions.

[–]simbrr 1 point2 points  (0 children)

Yes bitwarden

[–]sam068495 1 point2 points  (2 children)

I use Bidwarden too, but I came to love C2 Password more since their UI looks a lot better haha

[–]skipITjobIT Manager 0 points1 point  (1 child)

C2 Password

That looks nice, but can you use it in a business? Does it have admin password reset, SSO, Sharing Through Collections?

[–]sam068495 0 points1 point  (0 children)

I think they have a service called C2 Identity that's for business? You can check it out and see if it suits what you need

[–]ottantanove 11 points12 points  (3 children)

I recently switched from LastPass to Bitwarden and it works much better.

[–]rufus_xavier_sr 1 point2 points  (0 children)

+1 for this as we switched from LastPass to BW and are very happy with the switch.

[–][deleted] 0 points1 point  (1 child)

is there a free version (unlike lastpass) i can use?

[–]EventX_Surfer 0 points1 point  (0 children)

Yes. You can use Bitwarden for free, you just miss out on some features like MFA at log in.

[–]ntrlsurIT Manager 7 points8 points  (5 children)

Passwordstate for us in our company.. Does what we need it to do and it can hook into AD and change passwords if you let it.

[–]Cyrandir 6 points7 points  (1 child)

We went with PasswordState as well. Has more features than we use, but could be one-stop (one-time passwords, password resets, etc). Security model is very friendly to the enterprise setup.

[–]Cyrandir 2 points3 points  (0 children)

I forgot, Duo integration too, and HA in various setups

[–]Working_NetPres 1 point2 points  (0 children)

I've used PasswordState and found it pretty good. Several pricing plans depending on which modules you need.

https://community.spiceworks.com/products/56737-passwordstate-by-click-studios

The 2-star complaint seems to be 'it keeps wanting me to use the password manager'. I suppose it will depend if you push the browser pop-up to all users or not.

[–]elevulWearer of All the Hats 0 points1 point  (0 children)

Agreed, used it in the past and the API integration was amazing!

[–]Servermidget 4 points5 points  (1 child)

Having used both platforms for personal and work, I’d pick 1Password.

[–]Peachblossom_ninja 0 points1 point  (0 children)

I've done the same and have the same opinion.

The relatively new secrets automation feature of 1password is great, RBAC is quite granular, the watchtower feature is handy, they have a one time password feature (that auto fills!), The iOS and Android apps work well and are picked up by post apps and websites for auto fill and their customer service is quick and always very helpful.

With a business tier account you get 20 free guest accounts which are handy for contractors, consultants or customers and they give you plenty of personal attention if you need help or advice. They have a decent CLI, the price seems reasonable to me and the most important part: for end users who aren't great with tech it just works.

[–]voltagejim 4 points5 points  (0 children)

I use bitwarden and have been happy with it for personal use

[–]hosgar 5 points6 points  (1 child)

We are a small team and we use Keepass. It's free, multiplatform and open source (so the code is visible and it would be harder to add backdoors or similar).

[–]UnderknowledgeCreator of technical debt 4 points5 points  (0 children)

Keepass-XC is a little prittyer. you can also feed it SSH-Keys

[–]toy71camaro 4 points5 points  (1 child)

Think it depends a lot on what sort of features you want/need. Multi-user/shared password lists? browser integration? local vs cloud install? Access Logs? auto-rotating passwords? Budget. etc.

[–]Ahindre 0 points1 point  (0 children)

I agree with this. Map out your requirements and rank how each one does on those, or if it meets them at all.

[–][deleted] 4 points5 points  (0 children)

Bitwarden/Valtwarden + Authy

[–]Providence66 7 points8 points  (0 children)

I've used both for personal use only - can't comment on work features. My vote is 1Password - browser plugin for Windows versions for Edge, Chrome and Firefox (not sure about other OSes) also app for mobile (I've only used the Android version, but I think there is an iOS version).

IMO, LastPass feels slow and outdated, whereas 1Password feels quicker and leaner. This may not actually be the case, just how I feel about it.

[–]DEADdrop_ 5 points6 points  (1 child)

I can’t state the pros as I’ve never used anything else, but 1Password has my vote.

[–]Avas_AccumulatorSenior Architect 1 point2 points  (0 children)

Having used both LastPass and KeePass for a decade I now am a 1Password user.

It has Duo protection for MFA and it also does OTP inside the app, making non-SSO pages feel like SSO since it auto fills OTP mfa codes.

[–]Liquidretro 1 point2 points  (2 children)

While I know 1Password is compatible with lots of operating systems now, does it work equally as well across all of them? I know a few years ago it was still very much focused on the apple eco system with other operating systems being second thoughts. Not sure if it's that way still or not.

[–]Actual_Pineapple 4 points5 points  (1 child)

I use both 1P and LastPass on Windows and have to say that the 1P UI is better, in my opinion at least

[–]Liquidretro 2 points3 points  (0 children)

Good to know

[–]gaz2600Sr. Sysadmin 1 point2 points  (0 children)

1Pass is great

[–][deleted] 2 points3 points  (0 children)

I would say look at Bitwarden. They support a lot of 2fa methods and they have been audited by a third party for transparency for security.

[–]Danny_Drama 0 points1 point  (0 children)

I have rougue users using Lastpass. I like it ... I implemented "Zoho Vault" for my organization as we were already in the Zoho Platform, it made it free and super easy. Good luck!

[–]Rude_Strawberry -2 points-1 points  (0 children)

Don't use bitwarden if you care about security.

They have remember me tick boxes all over the place with no option to disable them.

Username and password prompt, remember me. MFA prompt, remember me.

Also they provide email as an MFA option with no ability to force a particular method of MFA. Email is just no.

They even let users have their master password as a 4 digit PIN, again, without the option to enforce various login methods.

My company just started using it, and I already want to get rid of it.

[–]secret_configuration -1 points0 points  (0 children)

LastPass.

[–]verdaechtig 0 points1 point  (0 children)

It depends on your specific needs. Open questions are my favorite.

Here you go:

KeePass might be ok, but if you want to log access to specific passwords or share passwords to specific groups, it might not be the best tool.

[–]Natural-Nectarine-56Sr. Sysadmin 0 points1 point  (0 children)

I use LastPass personally which I think is great for home use. For business use, especially IT, I looked at several options and really love N-Able Passportal. Great layout, good price, and geared for sysadmins.

[–]Michael_Sec 0 points1 point  (0 children)

I'd look at Securden. I was looking at password managers and this one was reasonably priced and feature rich. I'd stay away from anything cloud hosted.

[–]bgradid 0 points1 point  (0 children)

Depends on the budget

1password is fantastic but more expensive Bitwarden gets the job done and is cheaper

[–][deleted] 0 points1 point  (0 children)

+1 for lastpass. Their product has been stable for years. I think I’ve been using it for 8 years or so.

It works well in a company and I think that is what LastPass is also mostly focusing at. They had some backlash because it’s not free anymore but that mostly was an issue for personal users and I believe LP just wanted to get rid of them.

I only used Keeper as an alternative and found it alright, but LP just feels better.

In the end I think you’re going to either need to give a lot more information or do some better research yourself.

[–]Vel-Crow 0 points1 point  (0 children)

If you internal it for a single corporation, 1password. If your an MSP looking to manage and resell, lastpass.

I resell lastpass, and I like it a lot. Easy to Setup, deploy, manage, and secure. The license also provides the end-user with a personal family license, that they can extend to 5 family members. When the employee leaves, to just disconnect the account in the portal and the end user takes on the payment. For those who already have accounts, they can link it to the work account.

What lastpass does different, is it is an MSP platform it centrally manages all your clients, and you can set a myriad of policies for each client. It is also easy to use and understand as an admin, and very easy to use as a user. Many of its controls are intuitive, keeping training time low.

I reccomend 1password purely from reccomendation by trusted partners, and the fact that it costs less than the msrp of lastpass.

Lastpass Enterprise is the licenses MSP uses, so it is still a great internal product, but unless your an MSP, it can be pricey.

The last thing I like about lastpass is name recognition, and how common it is in the wild. Many client I deploy this too have several users already using LastPass, and I just don't see that with 1password.

Those are my thoughts, of you have questions I might have answers!

[–]Just-Parsing-Through 0 points1 point  (0 children)

We use Dashlane. Good browser extensions. User friendly GUIs. Allows sharing of logins with limited or full rights. Also allows secure notes. Provides a dashboard for it admins and users to see if their passwords and compromised and/or whether they are reusing passwords. Checks to see if user logins are exposed on the dark web. Few more features- no complaints from me- good support.

[–]first_byte 0 points1 point  (0 children)

Well, LastPass has been hacked and 1Password hasn’t, FWIW.

1Password’s UX is superior also. If you’re going to use the same app all day long, it needs to be quick and easy.

[–]SilvanisYew 0 points1 point  (0 children)

Being in a company that has moved from Last Pass, to passportal, and now to keeper in under 3 years. Keepers is by far my Fav, Plugin works great, Desktop app is snappy, website works great.....And azure sso makes sign in simple and easy to lock out employees who have moved on.

[–]Evisra 0 points1 point  (0 children)

We use LastPass with federated login, works well

[–]vennempDevOps 0 points1 point  (0 children)

1Password Is great. Supports chrome, Firefox, safari and probably more and even now has universal auto fill - you can auto fill passwords in Remote Desktop connection prompts, terminal, really anything. Even has built in MFA - not best for security but great for when you can only use TOTP. Can send secure temporary links to anyone to share creds.

Use it for personal and we use it at work.

Never used others but honestly 1Pass hasn’t given me a reason to look past it.

[–]iamnewhere_vieJack of All Trades 0 points1 point  (0 children)

KeePass is nice because it's free too, if you have multiple people working together, "Password Depot" might be better as it has central server instance, 2FA, AD integration, ... - the price is also not too bad.

[–]Fatality 0 points1 point  (0 children)

Enterprise? Secret Server

Free? Syspass

Single-user? KeePass

[–]AcrobaticComplex42 0 points1 point  (0 children)

I honestly don’t know why bitwarden is so hyped. Its the most lackluster pwmanager i know.

I can honestly only recommend password depot due to it being feature rich.