The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
I'm experimenting with KeePass, so far it does most of what I like so it may be a keeper. The stand-alone version is a great feature.
I won't use an on-line password manager -- they are all perfectly safe until they get hacked the first time. If something is accessible, it WILL get hacked at some point. As someone else said, if a hacker can't get at the media, they can't hack it.
Long ago I wrote an MS Access database app that stores URL, UID, PWD, up to 5 security Q&A, plus a general use memo field. I keep it on a stick (have 2 backup sticks in secure places) in an encrypted zip file. The file names have nothing to do with computers, the web, or security. [I need to investigate encrypting the stick, which I might do even if I switch to KeePass.]
This doesn't allow automatic login to anything ... but it won't get hacked unless I'm stupid with the stick.
If you petition the correct democratic government representative, he/she/it can setup a safe place for your passwords.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 - You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 - When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
I'm partial to keepass -- open source, ported to everything (iOS, Android, Win, Lin), all the ports can reliably open each other's database files, even has a version that runs (on windows) from a flash drive without having to install it first. I keep separate database files for work and personal on my phone, since its nearly always with me. Only catch is that all the recent apps for Android share the same (probably Android) bug where they can't reliably access or write to databases -- you have to search for the version that supports offline access to get one that works, and then manually backup the database file periodically.
We can program with only 1's, but if all you've got are zeros, you've got nothing.
KeePass; but you'd want to run it (along with a browser) in a separate desktop without hooking-rights. The settings should "hide the password" and not show it, otherwise any screengrabber could empty your vault.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
I spent several days researching password safes about a year ago and decided on Encrptr from SpiderOak
(see https://spideroak.com/solutions/encryptr) for a detailed description. I chose the product for the following reasons:
1. Cheap - as in free
2. Anonymity - in that the user id is not linked to your email account, name etc.
3. Security - uses Zero Knowledge cloud service
4. Accessibility - from mobile phone, desktop, laptop, in windows, android, linux, or OSx of your choice.
Wait for it... Password Safe[^]! I've been using it for years. Works on all platforms - Windows, Mac, Linux, Android, iOS. Open source, too. Has tons of great features like double-click to browse to URL, customizable autotype of username and password, password generator with default pattern or multiple user defined patterns. You can keep notes on each entry which are also secured.