Here's the deal with those online password managers: They are accessible to hackers who are just as good at what they do as the security programmers.
So my preference is for
Password Safe, for this reason: I control the data file. The program makes an encrypted file of all of your passwords so that you only have to remember one master password. Mine is 18 characters and I could type it out in my sleep.
But the crucial difference is, unless some professional hacks into my laptop, finds this file, and solves an 18-character password, there is little chance of chicanery. Being a small fry, I doubt anyone will take the time and effort in my case.
"Whoa, buster. That's fine for your laptop. What about your phone?"
Well, it so happens that another kind soul, and again for free, has designed an app for
Password Safe. The only trick is, when I update my passwords file on my laptop, I must remember to copy the file to my Google Drive. Then I download it from my drive to my phone, overwriting the old file. Of course, the file on Google Drive is immediately and permanently trashed.
I do NOT allow browsers to remember by login data. That's asking for trouble. Yes, it's a minor hassle to need to open Password Safe and copy over the data (it does have a nifty, customizeable auto-type feature, though) but I would rather do that than cleaning up after a data breach. Over the long run, you think BitWarden is going to be any better than LastPass in that regard?
I come across discussions like this in various places. I am surprised that Password Safe gets so little mention. Why is that? Because of the extra little work that is involved. Sad, really.
