Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
1. All posts must be relevant to Android devices/operating system.
2. Posts cannot be illegal or NSFW material.
3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.
4. Non-whitelisted bots will be banned.
5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.
6. Memes are not allowed to be posts, but are allowed in the comments.
7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.
8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.
Community Resources:
We are Android girls*,
In our Lemmy.world.
The back is plastic,
It's fantastic.
*Well, not just girls: people of all gender identities are welcomed here.
Our Partner Communities:
Good. Used keepass for years, also useful for storing other confidential info. Put the app & vault in one cloud storage, key file in another and you’re synced across multiple computers, add an app for your phone and you’re good to go and surely reasonable secure providing you use a long password too.
Yes yes yes and here is a tip so even if your account got hacked you are still safe, when you generate a password put that into your password manager but have a word in your mind and when you are making an account or changing password put that word that you had in your mind in the end of your password, you just need one word to memorize and that's it (sorry for my bad English)
I used KeePass for ages, but I could never get my wife to use it, too. Updating and using and synching it wasn't a big hassle, but it was enough of one to let my wife reject it, especially with plugins that needed updating. Another issue we had was that sharing passwords wasn't really convenient. I set up a Vaultwarden instance on our server and now she's happily using the password manager (finally!) and we can have an "oganization" to share passwords with. Really cool stuff. Besides, we ain't needing and plugins anymore.
The ability to interface with DuckDuckGo's Mail-Forwarding-API has further increased the control of my data in a very convenient way!
The only thing I miss from KeePass is the ability to auto-type inside of other applications besides the browser, but hey, that's not too much of an issue.
I appreciate Enpass because it allows me to decide where my data is stored while simultaneously synchronizing across all my devices. It's quite impressive. Now, they have incorporated Wi-Fi sync, which eliminates the need for cloud-based synchronization.
How do I get started to use one? Do I need to change the password for everything for the first time?
Edit: Thanks for such detailed responses everyone. Installed Bitwarden.
You don't need to, but it probably wouldn't be a bad idea unless you were already using fairly complex passwords.
For a lot of them, you set up the service, then as you log into things, it asks if you'd like to save the login credentials you just used.
You need to first pick a password manager, imo bitwarden is the best. You set up which email and master password, and then you start going around to all the sites you frequently use and logging in, so the password manager offers to save the password. Once you've got your main sites, usually there is a security option that shows you which sites have weak passwords or where you've reused a password a lot (on bitwarden it's only on the site, not the app https://bitwarden.com/help/reports/). Those are the ones that probably need changed first. You can then add your less frequently used sites over time as you use them.
It can be some work to initially set up, but once it's done you're pretty much set. I went from reusing the same 3-4 passwords everywhere to having a unique login for every site. Seeing 210 saved logins really puts into perspective how much a password manager helps tbh.
I just switched recently from using insecure passwords to using KeePass. I was dreading the change, but it's very easy.
I changed all my important passwords to highly secure, randomly generated ones and saved them to my KeePass database. That's it. Took me like 30 minutes. Frankly I didn't bother with accounts that don't have any important info on them.
The upside and downside of KeePass is you have to keep track of your database file - it isn't stored on the cloud, so unlikely to get hacked, but if you lose the file or your master password then it's gone forever. If the cloud hosting isn't an issue for you and you like that level of convenience, then maybe Bitwarden is a better choice.
First step is just installing one and using it. Let it save your accounts and current passwords as you use them.
As you add accounts, if you know you reuse the same password for some accounts, change those passwords to a randomly generated one with the manager.
As others have mentioned Bitwarden integrates really well on desktop and Android. Highly recommend it.
I'm trying out Bitwarden after moving to a Sony phone (my Samsungs came with their inbuilt password manager) however it keeps asking for a master password all the time. Is that normal?
You can enable biometrics, if your device has a fingerprint sensor. If the phone doesn't have one, you can setup a PIN for easy unlock.
Both are available in the settings.
You can change that in the bitwarden settings. I have mine set to unlock with a fingerprint (fallback is a pin), and it stays unlocked for 15 mins before required the print/pin again.
I'm probably an ignorant paranoid about them, I know I should google a bit of them, but instead I'm going for the ol' trusty ask the community.
Do they save your passwords locally or in the cloud? If locally, what if I want to sign in in another device? What if I lose the device I have my passwords on? What if they hack my device? If in the cloud: How can I know the service is not stealing my information? If I can access it anywhere, wouldn't that mean it also needs a password? Wouldn't that make it twice as unsafe as it would only take one password to access the rest?
Edit: Damn, I got extremely useful answers, I'm starting to like lemmy!