Katja

Ditto.

gfunkdave

Come to think of it, any "cloud based" solution would be stored on the company's servers. The OP actually seems to want a local solution whose database he can copy to Dropbox or another cloud-storage service.

alan19

My understanding is that 1password actually uses dropbox to sync rather than it's own company servers.

dtsm

1Password gives you options to save on your computer, iDevice and/or dropbox. I have it installed on my MacBook, iPad 2 and iPhone 4s, plus dropbox....i sync once a week.

I don't any banking or credit card payments, paypal, etc. on my iDevices, only on MacBook and always with VPN opened. But I do shop on amazon, book plane tickets, etc. on my iDevices with VPN. I don't even know what the passwords are for most of the sites, I let 1Password generate them, and all I remember is my master password.

ryandelmundo

I went thru this a few months back. I couldn't find anything I liked. I found them insecure - they didn't ask for a master password to get access to sites.

I asked people about this and they said you need to secure your computer. This is silly, we all share our computer from time to time.

In the end I stuck with the Mac keychain which does ask for a password to access your other passwords.

Did I just get it wrong in my limited testing?

FlyingDiver

I think you must have.

I use 1Password, and it requires a password to access the password store. You can set a timeout for how long it'll stay unlocked each time you provide the password. I expect the others do something similar.

gfunkdave

You can set LastPass to require a password every time, too.

Steph3n

KeePass has a master pass and if minimized asks for it when maximixing, unless you change the settings...

dranz

I trust the LastPass cloud a LOT MORE than I trust DropBox. DropBox is
the poster child for inept security.

I do wish that LastPass would provide an option to disable cloud storage
and sync on a site-by-site basis. There are some passwords that I simply
do not trust to any piece of software/storage.

My opinions of various password managers. Fine if you disagree. Everyone
gets to make their own decision.

The Good:

. . . . LastPass

. . . . Strip Lite Password Manager

. . . . Safe Wallet Password Manager

. . . . mSecure Password Manager

. . . . 1Password:

The latest edition has been changed to address the
problems of the earlier editions. Avoid the earlier
editions because .... they pad the master password
rather than hashing it, before encrypting it.

. . . . DataVault Password Manager

Hashes the password using SHA-256 and stores (only) the
hash (a good thing) in the iOS keyring (another good thing).


The Bad - Not Quite Good Enough:

. . . . My Eyes Only Secure Password Manager:

. . . . . . . . Maybe "good" - but only if you encrypt your backups.

. . . . . . . . Uses unsalted 512-bit RSA - not good-enough given that
. . . . . . . . rainbow tables exist for 512-bit and 768-bit primes
. . . . . . . .
. . . . Password Safe:
. . . . aka: iPassSafe

. . . . . . . . Can be cracked too easily because they pad the
. . . . . . . . master password rather than hashing it (before
. . . . . . . . encrypting it).

. . . . Keeper Password & Data Vault:

. . . . . . . . Does not "salt" the password; therefore vulnerable
. . . . . . . . to rainbow table attacks (instant and/or offline cracking).

. . . . SplashID Safe:

. . . . . . . . The master password is hard-coded in the application.
. . . . . . . . Not user changeable. Perhaps this belongs in the next
group ... . . . .

The Ugly:

. . . . Safe
. . . . aka: Safe Password
. . . . aka: Awesome Password Lite
. . . . aka: Password Lock Lite

. . . . . . . . All user account & password data is stored as plain-text.
. . . . . . . . No encryption whatsoever.

. . . . iSecure Lite:

. . . . . . . . All user account & password data is stored as plain-text.
. . . . . . . . No encryption whatsoever.

. . . . Ultimate Password Manager:

. . . . . . . . All user account & password data is stored as plain-text.
. . . . . . . . No encryption whatsoever.

. . . . Secret Folder Lite:

. . . . . . . . All user account & password data is stored as plain-text.
. . . . . . . . No encryption whatsoever.

ryandelmundo

Thanks for the thread and advice! I went with LastPass cuz it's free (for my Mac anyway). It's great - although I don't see the timeout that maybe 1Password has. But I do have it setup to require passwords on login.

gfunkdave

Look under Preferences -> General. The top of the page has two options: Auto logoff when all browsers have been closed for x minutes, and Auto Logoff when idle for X minutes.

annabanana24

travelingdave

I've been in the market for a password manager. I don't know enough about them to know what to get or who to trust. A friend recommend Dashlane, so I'm inclined to try it. Sounds convenient enough, but how do you like it?

annabanana24

I'm all for Dashlane. I tried another software before it, but I like it the best. It's easier to learn, and it helps me keep track of all my logins, which as a FF, you can imagine is a lot

Steph3n

Has 'dashlane' hired forum spam bots?!

This sudden influx of newbies promoting it certainly makes me wonder...