Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've tried a lot the password safes/vaults, and none of them work nearly as well as Chrome/Googles password manager

You can even use it on iOS, and even use it by default. Even apples Keychain password manager works pretty well if you're all in on apple ecosystem. Only reason I see why you would not use it is if you're not using Chrome or Safari, which is most people.

Yeah, yeah, google evil



The risk there is more you accidentally make a bad comment on YouTube and Google bans your account, I think. I have no idea if I'd still be able to access my passwords if that happens. At least, personally I feel Google deciding to disallow me from logging in is more likely than Google losing my passwords.


That is only a risk for syncing, you would still still have your passwords locally saved


Is there a local UI to view/export your passwords? The only one I'm aware of is https://passwords.google.com but it's been a long time since I've used a builtin browser password manager.

also- does Google (or other browser devs) release information on how they keep your passwords secure? Is it even E2EE?


> Is there a local UI to view/export your passwords?

chrome://settings/passwords


Yes, no need to use the web, all done from the browser.

To your second question, I don't know, but thats only a concern if you export your passwords


Are you sure? Chrome could very well lock you out.


Never heard that happen, if you are worried about that, do a daily, weekly, monthly export


I personally know at least one person who had his Google account locked with no explanation.


That's not linked to what's local in your Chrome browser


How would I do that securely?


Chromes password manager used to be as safe as a text file on your desktop. Have they fixed it?


If someone has access to my desktop I've already been compromised enough to not care.


That's not really true. Password managers should be, and good ones are, way more safe than that.


Do you run npm or maven on your machine?


Passwords are encrypted, you need to use your computers password to download them decrypted


I think there are two options in Chrome's password manager. One is to decrypt with the computer's password. The other is to use your Google account authentication for decryption.


After years (a decade+?) of holding out on password managers I finally gave bitwarden a shot (based on recommendations here), and was able to import ~900 logins from google chrome.

Their UI in the chrome extension (brave browser actually) for changing/editing logins could use a little work, but overall I'm pretty happy with it. I even bit the bullet and now have passwords I don't actually know involved in everyday life. Irritatingly, uploading a video from GeForce's live capture to youtube - despite logging in with 2fa - caused a security freakout at google and now I was forced to change my gmail password.

But I digress, bitwarden even integrates with iOS's login management as another option to Apple's, though irritatingly not on OS X.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: