r/best_passwordmanager

▲ 10 r/best_passwordmanager+1 crossposts

I'm a little concerned about my privacy now and wanna start using password managers, need help.

Hello guys i've just realized that i need to start using password managers for better random passwords and less effort. but i've always been skeptical of password managers as i can't really get myself to trust something that lives on cloud, but all the convenience of password managers live on the cloud. Can you guys help me come over my fear of cloud password managers and then also suggest me some of the good ones which won't turn evil in foreseeable future.

I also don't know how should i update all of my passwords, on my mobile and also on my desktop.

reddit.com
u/Ok-Will7087 — 24 hours ago
▲ 16 r/best_passwordmanager+1 crossposts

The irony of the June 2026 LastPass breach (TLDR architectural breakdown)

We all know LastPass’s history, but their latest breach from a couple weeks ago is a textbook example of a modern supply chain nightmare.

It wasn't a direct hack on LastPass, and nobody left a personal Plex server unpatched this time. Instead, a threat group (Icarus) compromised Klue, a market intel platform LastPass's go to market teams use.

The technical TLDR:

  • The Vulnerability: A dormant, legacy service credential inside Klue’s backend that was built for an old prototype and completely forgotten about.
  • The Vector: Attackers used that old credential to slip in and harvest active OAuth tokens Klue held for its clients.
  • The Damage: They replayed those stolen OAuth tokens directly against LastPass’s Salesforce API. Because it was a trusted integration token, it bypassed MFA entirely and looked like normal daily traffic while they scraped CRM data via automated SOQL queries.

The irony here is brutal. A password manager, a product built entirely on the concept of credential hygiene - got bit because of a third-party credential that nobody remembered to delete.

Whether it's the 2022 vault leak or this 2026 OAuth hijack, we keep seeing the same root issue: relying on centralized, reusable secrets. Once an attacker finds a way to sit in the middle of that trust relationship, game over.

Curious how everyone else is auditing their third-party SaaS OAuth permissions right now? If you want to dig into the exact logs and the MITRE mapping, we did a full post mortem breakdown here:

https://unixi.io/blog/lastpass-june-2026-breach-analysis/

u/UnixiSecurity — 24 hours ago

Google Password Manager seems convenient but I'm not sure if I should trust it

I've been using Google Password Manager for a while now because it's built into Chrome and my phone so I didn't have to think about it. But lately I've been reading stuff online about whether it's actually secure or if I'm just being lazy by sticking with it. The thing is it works fine and syncs across all my devices automatically, but I keep wondering if Google having access to all my passwords is actually a problem or if I'm being paranoid.

Google is literally an advertising company. Like their whole business model is data collection so even if they say my passwords are encrypted and safe, how much do I really trust that? I don't want to be the guy who gets hacked because I was too trusting. At the same time switching to something else seems like a hassle when everything is already set up.

I've heard people mention Bitwarden and 1Password as alternatives but I don't know if they're actually better or just different. What would I actually be gaining by switching? Is Google Password Manager legitimately insecure or am I just being paranoid about a company that probably doesn't care about my specific passwords?

reddit.com
▲ 6 r/best_passwordmanager+1 crossposts

Does anyone here use Keeper Security as their password manager?

I rarely see people talking about Keeper Security compared to password managers like 1Password, Bitwarden, or Proton Pass.

u/limsus — 3 days ago

How to self-host a password manager?

So, I've been thinking about moving from 1Password to a different manager, but I'm not sure it that's a good idea.

I pay for a family plan in 1Password but at the moment only 3 people (from 5) are using it. I'm techy but not the other 2 members.

The problem is 1Password has increased the prices a lot, and I'm no longer sure if it's justified considering the usage. (And I see no value in the Travel mode)

So, would it be wise to move to Proton Pass or Bitwarden?

What about Vaultwarden and self hosting it? I already have a home server with docker but I'm concerned about management and security. Some thoughts:

- Access the server only trough Tailscale

- Open Media Vault server with Docker composer ready and already exposing some services like Jellyfin.

- Backups already happening using iDrive personal from server to cloud backup.

But what happens if Vaultwarden server is off-line? Is it only needed when synchronizing?

If it's off-line it still works?

reddit.com
u/juan_loria — 4 days ago

Is there actually a best password manager?

My email got hacked last month and it scared me enough to finally do something about my passwords. I've been using variations of the same three passwords for like a decade and I know that's terrible but I didn't know where to start with fixing it. Now I'm looking at password managers and there's so many options that I'm more confused than when I started. Everyone seems to have strong opinions about which one is best but they all say different things. Some people swear by Bitwarden, others say 1Password is worth the money, and then there's people who are really into the open source options like KeePassXC or Dashlane. I don't even know what the differences really are between them or what matters most when choosing one. What I really want is something that's easy to use but also actually secure. I don't want to spend hours setting it up and I need it to work on both my phone and computer without being a pain. Should I just go with whatever is most popular or does that not actually matter? What would you recommend for someone who's basically starting from zero?

reddit.com
u/RevolutionaryWar9496 — 4 days ago
▲ 26 r/best_passwordmanager+2 crossposts

Looking for recommendations: Best Free vs. Paid Password Managers in 2026?

Hi everyone,

I’m currently reviewing my security setup and looking for a reliable password manager. I would love to hear your personal recommendations:

  • Free tier: Which free password manager do you consider the most secure and feature-rich without annoying limitations?
  • Paid tier: If it’s worth paying for, which one provides the best value, reliability, and security features?

I prioritize ease of use and cross-platform syncing. What are you all using currently and why?

Thanks in advance!

reddit.com
u/Next-Increase3748 — 6 days ago
▲ 11 r/best_passwordmanager+1 crossposts

Password manager for business - how to find a starting point.

Hey y'all,

I work at a very small IT company, 7 people, 3 developers, others, and me as the sole IT operations person.

As these small IT shops come and go, they love their passwords on sticky notes, and I want to get rid of that for many obvious reasons. So I am kinda hoping for some more seasoned professionals than I am, if they can give me some basic guidelines, or perhaps point to blogs, resources, etc., where I can see, why I should build which kind of password manager architecture, how to have a secure fallback, etc.

Personally, I use proton pass to store all my passwords, and like it for its polished UI and the fact that it is based in Europe.

However, when it is for more people, there are a lot more questions. For example, how can one securely store recovery keys, as non-IT people usually are great at losing them? What balance should there be between security and convenience? If I leave the job at some point, how do I need to build this setup, so I have a minimum amount of passover work to do?

Some general background: We run all our machines via Azure SSO, so for some apps, Microsoft asks the passkeys the user stored; however, a lot of other services don't, hence the password manager idea. Myself, I worked mostly in application support, decent networking knowledge, experienced in troubleshooting. But I know when my knowledge isnt enough to give a qualified full answer, like here.

Thanks in advance for any and every advice!

reddit.com
u/North-Creative — 13 days ago

Best password manager that finally worked for you?

I've been struggling with password management for years. I used to write passwords down in a notebook, which was insecure. Then I tried remembering passwords, which was impossible. I finally switched to a password manager and it completely changed how I manage my accounts. I'm curious what other people's success stories are. What password manager finally solved your password problem? How did it change your life?

Bitwarden was the game changer for me. I was using browser password managers and they weren't working well. I had passwords scattered across different browsers and devices. Bitwarden unified everything. All my passwords are in one place, encrypted, and accessible from any device. The autofill works perfectly. I don't have to remember a single password except my master password. It took maybe an hour to set up and import all my passwords. Now I generate unique passwords for every account and I never have to think about it. The peace of mind is incredible. I know that if one account gets compromised, the hackers can't access my other accounts because every password is unique. Bitwarden costs ten dollars per year for premium features. If you're still struggling with passwords, get a password manager. Your life will improve immediately. The security benefits are worth it.

reddit.com
u/WatercressNo349 — 13 days ago

Is 1Password legit or a scam? Looking for honest reviews

Need a password manager that works smoothly across all your devices? The top choices are 1Password, Bitwarden, and LastPass. They all sync reliably across iOS, Android, Mac, and Windows without lag.

1Password costs about $3 per month and delivers instant syncing with a sleek, intuitive interface on every platform. Bitwarden is open-source and offers a free tier plus a $10 annual premium plan, making it ideal if you prioritize privacy and security. LastPass has been around longer and syncs well across devices, though it's worth noting the company has experienced security issues in the past.

When selecting a password manager, prioritize strong AES-256 encryption and zero-knowledge architecture, which ensures the company can never access your passwords. Before committing to a subscription, test the sync speed on your devices and verify that the mobile app has all the features you need on the go. This ensures you get a tool that truly works for your workflow.

reddit.com
u/WatercressNo349 — 11 days ago