Google Password Manager seems convenient but I'm not sure if I should trust it

I've been using Google Password Manager for a while now because it's built into Chrome and my phone so I didn't have to think about it. But lately I've been reading stuff online about whether it's actually secure or if I'm just being lazy by sticking with it. The thing is it works fine and syncs across all my devices automatically, but I keep wondering if Google having access to all my passwords is actually a problem or if I'm being paranoid.

Google is literally an advertising company. Like their whole business model is data collection so even if they say my passwords are encrypted and safe, how much do I really trust that? I don't want to be the guy who gets hacked because I was too trusting. At the same time switching to something else seems like a hassle when everything is already set up.

I've heard people mention Bitwarden and 1Password as alternatives but I don't know if they're actually better or just different. What would I actually be gaining by switching? Is Google Password Manager legitimately insecure or am I just being paranoid about a company that probably doesn't care about my specific passwords?

reddit.com
u/RevolutionaryWar9496 — 22 hours ago

Is there actually a best password manager?

My email got hacked last month and it scared me enough to finally do something about my passwords. I've been using variations of the same three passwords for like a decade and I know that's terrible but I didn't know where to start with fixing it. Now I'm looking at password managers and there's so many options that I'm more confused than when I started. Everyone seems to have strong opinions about which one is best but they all say different things. Some people swear by Bitwarden, others say 1Password is worth the money, and then there's people who are really into the open source options like KeePassXC or Dashlane. I don't even know what the differences really are between them or what matters most when choosing one. What I really want is something that's easy to use but also actually secure. I don't want to spend hours setting it up and I need it to work on both my phone and computer without being a pain. Should I just go with whatever is most popular or does that not actually matter? What would you recommend for someone who's basically starting from zero?

reddit.com
u/RevolutionaryWar9496 — 4 days ago

1Password is getting expensive: what are the best alternatives?

I've been using 1Password for about two years and I love the interface and features. But the subscription cost is getting annoying. At 3.99 per month, it adds up to almost fifty dollars per year. I'm wondering if there are alternatives that offer similar functionality without the premium price tag. I've heard about Bitwarden and KeePass, but I'm not sure if they're as good as 1Password. Is it worth switching to save money or is 1Password worth the cost?

1Password is excellent, but it's definitely not the only good option. Bitwarden is the best value alternative. It costs ten dollars per year for premium features or you can use the free version. The interface isn't quite as polished as 1Password, but it's solid and functional. You get the same core features: password storage, encryption, cross device sync. If you want to save money, Bitwarden is the obvious choice. You'll save forty dollars per year. KeePass is free and open source, but it requires more technical knowledge and doesn't sync across devices as easily. Dashlane is another option at 3.99 per month, so it's the same price as 1Password. If you're purely looking to save money, switch to Bitwarden. If you want something similar to 1Password but cheaper, Bitwarden is your answer. The switch takes maybe thirty minutes to export and import your passwords.

reddit.com
u/RevolutionaryWar9496 — 15 days ago

How much safer is a password manager with Face ID enabled?

I've been using a password manager and I'm wondering about the security features. Most password managers have timeout settings where they lock after a certain period of inactivity. They also offer Face ID or fingerprint authentication. I'm skeptical about whether these actually improve security or if they're just marketing gimmicks. If someone has physical access to my phone, can't they just bypass Face ID anyway? What's the real security benefit of these features? Am I overthinking this or do they actually matter? Timeouts and Face ID do make a real difference in security. Timeouts prevent someone from accessing your passwords if they grab your unlocked phone. If your password manager stays unlocked indefinitely, anyone with access to your phone can see all your passwords. Timeouts force them to authenticate again, which adds a barrier. Face ID is more secure than a PIN because it's harder to fake or force someone to reveal. If someone steals your phone, they can't just guess your Face ID. They would need your actual face, which is much harder. The combination of timeout and Face ID creates multiple layers of protection. Someone would need to steal your phone while it's unlocked and within the timeout window, or they would need to force you to unlock it with your face. Neither scenario is easy. These features do matter. Enable timeouts set to a reasonable interval like five to fifteen minutes. Use Face ID or fingerprint authentication. These simple steps significantly improve your security.

reddit.com
u/RevolutionaryWar9496 — 15 days ago

Do I really need a different password for every single account?

Security experts keep telling me to use unique passwords for every account, but that sounds impossible to manage. Right now I use maybe three or four password variations that I cycle through different sites. My logic is that if one account gets compromised, the hackers can't access everything. But remembering dozens of unique passwords seems unrealistic without trusting a password manager, and I'm not entirely comfortable with that. Is this advice actually necessary or am I overthinking it? What's a reasonable approach here?

Using the same password across multiple accounts is genuinely risky. When a company experiences a data breach and your password leaks, attackers will attempt that password on other websites. If you've used the same password everywhere, they gain access to all your accounts. If each account has its own password, they only compromise that one account. The solution is straightforward: use a password manager. You only need to remember one master password, and the manager handles everything else. Reputable services like Bitwarden and 1Password use encryption so strong that even they cannot access your passwords. The security benefits of unique passwords far outweigh the risks of using a password manager. Stop cycling through a few passwords and switch to a password manager with unique passwords for each account.

reddit.com
u/RevolutionaryWar9496 — 18 days ago

USB password managers review: are they actually secure or just inconvenient?

I've been reading about USB-based password managers like KeePass stored on a USB drive, and I'm wondering if they're actually a good option or if they're just overly complicated. The appeal is obvious your passwords are stored locally on a physical device that you control, so you don't have to trust any company with your data. But the inconvenience seems significant. You have to carry the USB drive everywhere, plug it in every time you need a password, and deal with syncing across devices. Plus, if you lose the USB drive, you lose access to all your passwords. I'm trying to figure out if the security benefits outweigh the inconvenience, or if I'm better off just using a cloud-based password manager with strong encryption.

USB-based password managers are genuinely secure, but they're really only practical if you're paranoid about cloud security or if you have very specific use cases like managing passwords for a server. For most people, the inconvenience outweighs the benefits. You have to remember to carry the USB drive, deal with compatibility issues across devices, and manage backups manually. Cloud-based managers like Bitwarden use AES-256 encryption and zero-knowledge architecture, so your passwords are just as secure the company literally can't access them. The real advantage of USB managers is psychological comfort you know your data is physically in your possession. But if you're using a strong master password and enabling two-factor authentication on a cloud manager, you're already very secure. My recommendation: stick with a cloud-based manager unless you have a specific reason to use USB.

reddit.com
u/RevolutionaryWar9496 — 20 days ago

Can someone explain how password managers actually keep your passwords safe?

I understand that password managers encrypt your passwords, but I'm still not 100% sure how they actually protect you. If a hacker breaches the password manager's servers, couldn't they just steal all the encrypted passwords and crack them? What's stopping someone from just brute-forcing the encryption? The security comes down to a few layers. First, your passwords are encrypted using AES-256, which is military-grade encryption. Cracking that would take thousands of years even with modern computers, so brute-forcing isn't practical. Second, the encryption key is your master password, which only you know the company doesn't even store it. This is called "zero-knowledge architecture," and it means that even if hackers breach the servers, they get encrypted data that's useless without your master password. Third, even if someone somehow got your master password, they'd still need access to your device to use it. The password manager uses additional security on your device to prevent unauthorized access. So even in a worst-case scenario where the servers are completely compromised, your passwords are still protected. The weakest link is usually the user if you use a weak master password or you fall for a phishing attack, that's how your accounts get compromised. Does this make sense, or are there specific parts of the security you want me to explain more?

reddit.com
u/RevolutionaryWar9496 — 22 days ago

Anyone moved from Apple Passwords to Bitwarden? What changed?

I've been using Apple Passwords because it's free and works seamlessly with my iPhone and Mac. But I'm realizing it's pretty limited compared to what other managers offer. I also have a Windows laptop that I use for work, and Apple Passwords doesn't work there at all. The ecosystem lock-in is starting to feel restrictive. Bitwarden works on literally everything iOS, Android, Windows, Mac, Linux, browsers, you name it. It's also open-source, which means the code is publicly auditable and you're not relying on a single company to keep your data safe. The switching process is straightforward: you export your passwords from Apple Passwords as a CSV file, then import them into Bitwarden. You won't lose any functionality in fact, you'll gain features like emergency access, password sharing, and more advanced organization options. The main trade-off is that Bitwarden's interface isn't quite as polished as Apple's, but it's still solid. The free tier is actually really good, though paying $10 per year unlocks some nice features. I'm planning to make the switch myself because I need cross-platform support. Does anyone here use Bitwarden long-term and have thoughts on whether it's worth the switch from Apple?

reddit.com
u/RevolutionaryWar9496 — 25 days ago

Google Password Manager vs 1Password: is paying for 1Password actually worth it?

I've been using Google Password Manager for free and I'm wondering if I should switch to 1Password. Apparently 1Password costs $2.99-4.99 per month and has more advanced features, but Google PM is already built into my account. From what I've researched, both are secure but 1Password offers more control and transparency. The question is whether the extra features justify paying when Google PM is already doing the job.

I've been reading that 1Password has better password sharing and secure notes, which appeals to me as useful additions. What's making me hesitant is the ongoing cost and whether I really need those features. What's concerning is Google's privacy practices compared to 1Password's transparency. Is Google Password Manager actually good enough?

reddit.com
u/RevolutionaryWar9496 — 27 days ago