Hacker News

kjuulh yesterday at 9:48 PM, 4 replies

At this point it is too high of a risk to store my password elsewhere. I've been screwed over by Dashlane, LastPass, potentially Bitwarden now. I am with 1Password now, but I've had my passwords in all these places, and I've had to change them each time, probably missing a few.

I like 1Password, it is by far the highest quality product I've used in this category. I moved from Bitwarden back then because their browser integration was quite poor.

I think I'll move to something custom, or a self-hosted KeePass server; with the rugpulls, incidents, and whatnot, it is becoming too high of a risk.


Replies

thewebguyd yesterday at 9:57 PM

KeePass has been my go-to since forever, highly recommend. I never jumped on the SaaS password manager train when they started coming out, always just kept it local. There were times I thought I was missing out on some convenience but I'm glad I never moved.

Depending on your threat model, you can even just keep the .kdbx in cloud storage somewhere and point your KeePass client to that. I'd recommend using a keyfile in addition to your master password though, so that if anyone does happen to get a hold of the database they can't just make brute force attempts against it.

advisedwang yesterday at 9:53 PM

KeePass files + Syncthing works very nicely for me.

For non-technical people, I just recommend using the browser's built-in password managers. taviso has a good writeup why: https://lock.cmpxchg8b.com/passmgrs.html

ngruhn today at 3:00 AM

Serious question: what's wrong with just using Firefox's built-in password manager?

ozten yesterday at 9:51 PM

How were you screwed over by these products?
