Newer password keepers/form-fillers - anyone using Dashlane or 1Password?

[Tuxman]

Good comparison of password services with ranking:

http://www.asecureli...roboform-vs-keepass/

-wraith808 (September 21, 2015, 01:09 PM)

Giving KeePass a bold "Contra" because you are not forced to store your passwords on other people's computers... LOL!

[rgdot]

^ "other people's" is not accurate

[Tuxman]

The cloud basically are other people's computers.

[rgdot]

Well yes, I meant syncing, over wifi for example. I don't see the point of using third party or cloud services to get something from one of my devices to another one of mine. In my case Dropbox may be an exception but it's the only one of that sort (files everywhere thing) I use and rarely at that.

[Deozaan]

The cloud basically are other people's computers.

-Tuxman (September 21, 2015, 04:02 PM)

You're misrepresenting what they are saying.

Difficult to keep synced between devices

That says nothing about the cloud.

[Tuxman]

You're misrepresenting what they are saying.

-Deozaan (September 21, 2015, 04:14 PM)

From the LastPass "pros":

Share and send login information to other Lastpass users securely

--> No, I'm not. They give KeePass a worse ranking because it doesn't come with a built-in storage on other people's computers.

[Deozaan]

You're misrepresenting what they are saying.

-Deozaan (September 21, 2015, 04:14 PM)

From the LastPass "pros":

Share and send login information to other Lastpass users securely

--> No, I'm not. They give KeePass a worse ranking because it doesn't come with a built-in storage on other people's computers.

-Tuxman (September 21, 2015, 04:16 PM)

You're moving the goalposts. LastPass pros has nothing to do with KeePass cons. You specifically mentioned the bold KeePass contra:

Giving KeePass a bold "Contra" because you are not forced to store your passwords on other people's computers... LOL!

-Tuxman (September 21, 2015, 03:46 PM)

I quoted the only bold contra for KeePass, which is this:

Difficult to keep synced between devices

Again, that has nothing to do with the cloud, nor does it have anything to do with sharing passwords with other people. Nor does it have anything to do with LastPass.

Nice try though.

[Tuxman]

Again, that has nothing to do with the cloud, nor does it have anything to do with sharing passwords with other people. Nor does it have anything to do with LastPass.

-Deozaan (September 21, 2015, 04:23 PM)

Oh, so they compare the password managers without comparing their features vs. each other?

[wraith808]

Again, that has nothing to do with the cloud, nor does it have anything to do with sharing passwords with other people. Nor does it have anything to do with LastPass.

-Deozaan (September 21, 2015, 04:23 PM)

Oh, so they compare the password managers without comparing their features vs. each other?

-Tuxman (September 21, 2015, 04:27 PM)

Correct.  You can make that determination based on your needs and wants.  I hate when reviews try to compare apples to oranges in terms of features.  Compare how they implemented (or didn't implement) what they implemented, and list those things clearly.  Let me draw the other conclusions when comparing software.  Else the review doesn't stand on it's own.

[Innuendo]

The Master Password as a way to access one's sticky account was addressed in the beta forum.

Someone complained:

This is UNACCEPTABLE. I do NOT want to use my Master Password to access my Sticky Account. No assurance you can offer is adequate. I want StickyPass, or a reg code that licenses my software.

Give the present direction, you force me to change my Master Password with every upgrade where I have to reach my account. I want no part of the cloud, and that includes Master Password in in form/hash/salt.

Their reply:

That's exactly what it does not. We never ever use MP as a string for hashing. MP is used only locally to prove that you can decrypt a random string used later as an access token. Basically it is the same situation as if you download a special DB encrypted by your MP, containing just a registration string to prove you can decrypt it.

[f0dder]

The Master Password as a way to access one's sticky account was addressed in the beta forum.

-Innuendo (September 21, 2015, 08:37 PM)

They do have some loading-animation thing when you sign into the forum, so I kinda guessed they might be doing something like this - it makes me a bit uneasy in closed-source software, especially when it's not a FAQ bullet mentioning the algorithm. OTOH, it can be safer than a password if implemented correctly.

[f0dder]

Redownloaded StickyPassword on OSX today, it's gone from StickYpassword_rev388.dmg to *_rev435.dmg - and now I was able to sign in to the existing account. Local WiFi sync works, and the BitDuJour discount was still in effect, so yeah, there we go.

The OSX version still needs a lot of polish compared to the Windows one, it doesn't have a top-bar icon like, say, 1Password, the preferences menu doesn't have a lot of options, there's no passphrase generator, and currently only Chrome and Safari addons.

Hm, it's storage format is SQLite, which is nice - it seems like only the entry data itself is encrypted, though, rather than a block-level encryption of the entire database.
Newer password keepers/form-fillers - anyone using Dashlane or 1Password?