It is truly upsetting to see how few people use password managers. I have witnessed people who always use the same password (and even tell me what it is), people who try to login to accounts but constantly can’t remember which credentials they used, people who store all of their passwords on a text file on their desktop, people who use a password manager but store the master password on Discord, entire tech sectors in companies locked to LastPass, and so much more. One person even told me they were upset that websites wouldn’t tell you password requirements after you create your account, and so they screenshot the requirements every time so they could remember which characters to add to their reused password.
Use a password manager. Whatever solution you think you can come up with is most likely not secure. Computers store a lot of temporary files in places you might not even know how to check, so don’t just stick it in a text file. Use a properly made password manager, such as Bitwarden or KeePassXC. They’re not going to steal your passwords. Store your master password in a safe place or use a passphrase that you can remember. Even using your browser’s password storage is better than nothing. Don’t reuse passwords, use long randomly generated ones.
It’s free, it’s convenient, it takes a few minutes to set up, and its a massive boost in security. No needing to remember passwords. No needing to come up with new passwords. No manually typing passwords. I know I’m preaching to the choir, but if even one of you decides to use a password manager after this then it’s an easy win.
Please, don’t wait. If you aren’t using a password manager right now, take a few minutes. You’ll thank yourself later.
I migrated to Bitwarden from Firefox a few months ago and I regret it as it’s slower and inconvenient while not adding any major features. So yes, use a password manager and the one provided by Firefox is perfect for almost everyone.
How is it more inconventient and slower?
The only reason should be that it needs to decrypt the vault upon login which (depending on the iterators of the encryption and the processing speed of the system) can take a second more. Until then it’s equal to a native integration.
Upside: You are not locked to a browser anymore as (at least Bitwarden) is agnostic.
On android, there’s a 4 second lag to get the fingerprint reader ready, 0 with Firefox.
I’m not going to switch from Firefox anytime soon but it’s super easy to export passwords and the Firefox password manager works for any apps on Android.
I also use Firefox on Android with a fairly recent stock ROM phone. At best the whole process to pasting my password into the webform takes 5 seconds.
If the vault is still within unlock period the auto-fill takes even less time (assuming the authentication URL regex is correct. It’s a bit annoying with subdomains)
How did you login to apps in your phone? Go to the computer and open Firefox? Bitwarden on the phone integrates into the apps directly.
Same as Firefox. You go to your Android settings and set Firefox as password manager. No need to go to the computer.
Ah interesting. I didn’t know that was possible!
They did a poor job advertising it…
I agree, but I just know that someday Mozilla is going to go down and I’m gonna lose my passwords and I won’t even be able to get into my email to reset them.
The passwords are stored locally. You can test this yourself by turning off your WiFi or disconnecting your Ethernet cable and then going to about:logins. All the passwords will still be there.
You can also test it by logging in to a new computer and getting all your passwords there too
Please don’t confused this with backup as a sync could trigger a delete.
You can (and probably should) backup your passwords. Same goes for any hosted solution.
Quick question? Since Firefox is open source couldn’t you in theory modify where the password manager is going. Syncing your passwords from the browser to your local server. Idk, I just thought of that and know that that’ll never work or it may be too much work when there’s an alternative for that anyways. Just something I thought of from what you were saying about “if Mozilla may kill their servers” which they will imo.
There are several Firefox tools that do things like this if you look!