This article is the perfect example of why not to use Linux on the desktop. A lot of fiddling around that eventually leads to a result that is far inferior to what you'd get just using OS X or Windows.
It can be if you want to use tools not designed for linux. I use keepass (http://keepass.info/) on linux and android and find it to be equivalent to 1 Password on Mac. It is in the Fedora repos (and I assume most others) and so easy to install.
The problem I have with KeePass is that it doesn't integrate with my browser well. LastPass does marginally better (it has an extension but I'm not loving it). There's a Firefox extension for KeePass called KeeFox, but it needs KeePass to be open and running all the time, which is annoying to me because it needs an extra window.
I've used keepass ona a daily basis. Auto type failed with my usage patterns - essentially I have multiple entry points per site (enterprise app) and each has a different titlebar text.
I've switched from OS X a few months ago and I'm actually happier with KeePassX than with 1Password. I hated AgileBits for the 4.0 bloat redesign which made everything slower (this is a constant on OS X it seems). I have a pretty simple use case with KeePassX (no sync) and here are the solutions I've found to problems mentioned in this thread. Hope they're helpful!
Hide KeePassX's window:
Just open the settings, click the first two checkboxes ("system tray icon", "minimize to tray instead of taskbar") and add `keepassx -min` to your login script. It'll ask for your password and disappear.
Title bar:
KeePassX does use the browser title bar and it's sometimes not reliable. It's easily fixable, though. Install a Greasemonkey plugin to your browser and add scripts such as this one:
I like how I could type "gmail" in Alfred and have 1Password do everything for me. I was able to reproduce that with a bash script that I call from my own launcher and it works just as well, if not faster.
... for a product that the developers don't support on that platform.
It's strange that you say "this is why you shouldn't use linux", when the article leads off by saying that the author doesn't like OSX anymore (for unspecified reasons). It seems that the author doesn't consider it 'far inferior', and considers OSX inferior enough to look for a replacement.
And the more people who take up linux, the greater the demand for proper linux support. Scaring users away with your FUD doesn't help things. 'Unsupported software' was a similar argument against OSX until a few years ago, if you recall.
I'd be interested to see the kind of hoops one would have to go through to run Linux-only software on Windows with a reverse-engineered frontend made by a single guy on his free time.
There are plenty of valid arguments about Linux on desktop, but this is not one of them.
If you use firefox on the desktop and on android you can easily sync your passwords for anything browser related without any third party extensions and without trusting unencrypted data to a 3rd party.
It worked fine for me for when I had to use Ubuntu heavily (2013-2015). Sure I didn't get the browser auto-fill, but at least I could access my database.
1Password, by far, is my favorite password manager.
Lastpass (http://lastpass.com/) has been my holy grail of vital cross-platform apps for many years now, as I've switched from Linux to Mac and back and forth and always with the Windows. Sure, it's a browser plugin, but it works just as well with Chrome and Safari (and probably Firefox and, <gulp>, IE). Their touch-unlockable iOS app is just icing on the cake. I'm not getting a dime for this endorsement. It's just been a real lifesaver, for such an important application category (at one time, as a sysadmin, I had 650 passwords in the vault), and I never have to worry about what platform I'm running at the moment.
It's too bad that LastPass feels like a highschool project by a dude and a couple of friends.
Zero consistency between the browser plugin, the vault, the app, and the mobile app. Even within the vault there's little consistency between different panes.
I'd like to believe that they know what they're doing crypto-wise, but damn that UX feels mickey-mousey. Even something as simple as using up/down over the autocomplete list misbehaves.... ;(
... and don't get me started on Basic Auth support on Chrome OSX
I've read multiple independent audits of the LastPass client (such as http://www.martinvigo.com/a-look-into-lastpass/) that haven't found any major issues, and for the issues they do find the LastPass team has always responded promptly. On the server side, LastPass's service is basically just encrypted blob synchronization, so the software doesn't particularly matter.
I found LastPass terrible from a UX perspective. Sure it must claim a lot of checkboxes on a feature sheet, but the applications/plugins/website are buggy and inconsistent with each other. It only works well when you use it for the narrow purpose of automatic website logins. Throw any other password at it, or dare to try a different workflow, and the whole thing just crumbles.
I only use it because I have to at work. 1Password is much more convenient.
That is also my experience. LastPass is pretty good if you use it with website logins, with everything else not.
However I think that is something that could easily be improved once the guys over at LastPass realize they must invest more in the UX. I for myself did already open a support ticket for that. If everybody would do this, this might raise the attention.
On the other side it's not so bad from a functional only perspective and the pricing is fair - I'll give it a chance and stay another few months with them.
I note this above but want to emphasize the fact that lastpass-cli supports the lastpass two factor options. For anyone looking for a tool like this for use both in browser and in scripts, it's great to have two factor natively supported in both places.
If you modify a password on machine A and a different on on machine B, resolving the conflict requires manually exporting both to XML, manual merging, etc. It's a real pain.
Keepass 2.x handles merges for you just fine. The mono version of Keepass 2.x is ugly and a little clunky compared to KeepassX or the windows version of 2.x, but it's good enough.
I only use my machines to log on to services, can't bring myself to trust anyone else's machine.
Unless that VPS you run Owncloud on is hosted on hardware you have under your own control, it is not on your own machine. The acronym VPS ('virtual private server') is a bit of a misnomer as it is not as private as it may seem since anyone with access to the supervisor will have access to your virtual-not-so-private-server.
I'm using pass on OS X and Linux (synced via Dropbox). It's an open source terminal based password manager and uses GPG under the hood. I don't have a mobile client, but the amount of times I've needed a password on mobile when I don't have my laptop around are far and few between.
The documentation was a bit lacking when I started, so I wrote an article with instructions:
I think that argument would affect many desktop password managers as well. Also, LastPass in particular supports a Firefox extension that works with Firefox mobile.
I use the same and store the gpg private key in a yubikey neo.
The neat thing with yubikey neo is that I can use it with android phone using openkeychain and nfc. This pairs neatly with an app named password store that syncs my pass-database using git + ssh leaving my private key secure.
I actually run the windows latest version of 1Password under Wine on Ubuntu 14.10 and it works perfectly. I just use the app GUI, not the browser addon so I cannot comment on that.
Something I like with 1Password is the UX, browsers plugins works really good and with the same UI as the application. After a try, It's painful to migrate from 1Password to lastpass...
I moved from 1Password to LastPass for a few reasons not related to UX:
1. Platform support: 1Password only supports Windows and OS X. I use more than those, and want to maintain the ability to jump between platforms at will.
2. Pay twice for OS X and Windows. Seems extortionate.
3. Browser support: I want to be able to try out browsers. At the time I made this decision, 1Password actually reduced the number of browsers they support.
Just discovered a new password manager yesterday that I didn't have time to review (try, trust ...) : http://enpass.io/
It seems to be available for every platform possible.
Even if I'm perfectly happy with keepassx, I'll problably give it a try for its prettier interface.
59 comments
[ 1.6 ms ] story [ 169 ms ] threadNothing too fancy but works very well. Have been using it for many years now.
Hide KeePassX's window:
Just open the settings, click the first two checkboxes ("system tray icon", "minimize to tray instead of taskbar") and add `keepassx -min` to your login script. It'll ask for your password and disappear.
Title bar:
KeePassX does use the browser title bar and it's sometimes not reliable. It's easily fixable, though. Install a Greasemonkey plugin to your browser and add scripts such as this one:
// ==UserScript==<br>// @name Google<br>// @namespace google<br>// @include https://accounts.google.com/*<br>// @grant none<br>// ==/UserScript==<br>document.title += " | Google";
Browser plugin:
I like how I could type "gmail" in Alfred and have 1Password do everything for me. I was able to reproduce that with a bash script that I call from my own launcher and it works just as well, if not faster.
#!/bin/bash<br>nohup xdg-open "https://example.com/" >&/dev/null &<br>wmctrl -a Opera<br>sleep 1<br>xte 'keydown Hyper_R' 'key dollar' 'keyup Hyper_R'
Last line simply simulates my KeePassX Auto-Type shortcut (which I got from OS X, yes).
Update: <br> are newlines, can't believe it's this hard to post code snippets here.
It's strange that you say "this is why you shouldn't use linux", when the article leads off by saying that the author doesn't like OSX anymore (for unspecified reasons). It seems that the author doesn't consider it 'far inferior', and considers OSX inferior enough to look for a replacement.
And the more people who take up linux, the greater the demand for proper linux support. Scaring users away with your FUD doesn't help things. 'Unsupported software' was a similar argument against OSX until a few years ago, if you recall.
There are plenty of valid arguments about Linux on desktop, but this is not one of them.
1Password, by far, is my favorite password manager.
Zero consistency between the browser plugin, the vault, the app, and the mobile app. Even within the vault there's little consistency between different panes.
I'd like to believe that they know what they're doing crypto-wise, but damn that UX feels mickey-mousey. Even something as simple as using up/down over the autocomplete list misbehaves.... ;(
... and don't get me started on Basic Auth support on Chrome OSX
I only use it because I have to at work. 1Password is much more convenient.
However I think that is something that could easily be improved once the guys over at LastPass realize they must invest more in the UX. I for myself did already open a support ticket for that. If everybody would do this, this might raise the attention.
On the other side it's not so bad from a functional only perspective and the pricing is fair - I'll give it a chance and stay another few months with them.
Also, I only use my machines to log on to services, can't bring myself to trust anyone else's machine.
For android use, I have Keepass2Droid (https://keepass2android.codeplex.com/)
If you modify a password on machine A and a different on on machine B, resolving the conflict requires manually exporting both to XML, manual merging, etc. It's a real pain.
The documentation was a bit lacking when I started, so I wrote an article with instructions:
http://www.stackednotion.com/blog/2012/09/10/setting-up-pass...
The neat thing with yubikey neo is that I can use it with android phone using openkeychain and nfc. This pairs neatly with an app named password store that syncs my pass-database using git + ssh leaving my private key secure.
The lastpass cli utility also supports their two factor options. So you get scriptability, ubiquity, and two factor. Killer.
[1]: http://www.passwordstore.org/
1. Platform support: 1Password only supports Windows and OS X. I use more than those, and want to maintain the ability to jump between platforms at will. 2. Pay twice for OS X and Windows. Seems extortionate. 3. Browser support: I want to be able to try out browsers. At the time I made this decision, 1Password actually reduced the number of browsers they support.
The native component is written in Go.
https://github.com/openpassword/blimey
Has someone already used this one ?
Been using their premium service for about 2 years now, couldn't live without it.