Jason Howell has mentioned using lastpass to manage passwords on more than one occasion

[G+_Ebuka Daniel]

Jason Howell has mentioned using lastpass to manage passwords on more than one occasion. However, I'm not looking to spend $1 every month for such an app. Are there any other solid solutions to consider?

[G+_Elizabeth Whitmire]

I use 1Password. Pay once, and then paying for major upgrades is recommended.

[G+_TJ Evans]

LastPass is easily worth it, but if there is a free + comparable alternative I'd consider it ... ATVL I can write-off the cost as an unreimbursed with expense!

[G+_James Fridley]

If you want to pay nothing, create a Web page filled with 50-70 lines of Grc.com/password random passwords. Then choose start and end points for your passwords, and change them to that.

 

If you want a bit of simple *cough* security by obscurity, go to a 404 page somewhere, copy the source code and then add the multiple lines of random text in white. At first glance the website appears to be just another 404 page, but if you select the text the white text appears.

 

Though... Honestly... I'd suggest paying for Lastpass as supporting the development of such an awesome product is worth it.

[G+_Alex Kruger]

Honestly a buck a month? Completely worth it. $12 a year, crazy cheap for what they offer.

[G+_Chad Sheridan]

I use keepass it has versions for every os, is fully encrypted, supports multi factor authentication, and if you keep your database file in a secure cloud storage solution, you can have all your passwords available on all your devices.

[G+_Joe Leuzzi]

I would agree with Chad Sheridan. Check out keepass. It's kind if like an open source lastpass. There are some differences but keepass should do the trick. Lastpass is free unless you want to use it on a mobile device. The 12 bucks is for that. I used lasypass for a while before paying the 12 bucks to have it in my android device.

[G+_John Mink]

KeePass is an open source, local program that integrates into browsers pretty well with a plugin. No charge at all, but you're responsible for your password database.

[G+_Vincent Mohr]

It's well worth the $12/yr but only need to pay if you want it on your mobile devices. I've been paying for two years and have no regrets.

[G+_Suman Bhattacharya]

Keepass is the way to go. Can't trust any cloud based services.

[G+_Suman Bhattacharya]

http://lmgtfy.com/?q=trust+cloud+can+you#

 

Draw your own conclusions.

[G+_Craig Lambert]

Some apps are worth paying for.  2 lunches at your local fast food chain pays for this and you probably don't think twice about that.  LastPass is worth it.

[G+_Brent Kelley]

Keepass is good if you want to administer your own password accounts. LastPass is the way to go for simplicity and sync across all my devices. $1/mo for managed pw security is nothing in the scheme of things. Skip going out to one dinner and you've more than paid for a year of LastPass.

[G+_Alex Kruger]

Lee Ball you really can't trust today's cloud based services.

 

Source: I work in in privacy and security.

[G+_Alex Kruger]

Lee Ball Don't get me wrong, the convenience versus security argument is one that will likely never die. And given what I've read, LastPass sounds like a great company who takes security seriously.

 

However, if you are a company who encrypts my stuff I want my data encrypted in MY machine. Encryption in transit, is very weak, and where "in transit" is it encrypted? If it's on my device, awesome. If it's on the companies servers, then it's useless. It just traveled unencrypted.

 

Also, I want to hold the keys. Most companies hold your encryption keys. Why should I trust them? How many times have we read of some massive data breach with thousands or millions in stolen passwords, card numbers, etc? It's like buying a house then giving the bank your keys. No one does this in real life, no one should do it in digital life.

 

I want to hold my encryption keys, I don't want anyone, including the company who's services I use, to be able to access my data. And I want everything fully encrypted in my computer, phone, or tablet fully encrypted before the data stream leaves my device. It's my data, I should control it. Every time, all the time.

[G+_Alex Kruger]

I completely agree. I wasn't saying don't use LastPass. Providing valid reasons to support Suman Bhattacharya statement that he can't trust cloud based services.

[G+_Alex Kruger]

You're welcome

[G+_Bradley Chasse]

Just use lastpass on your desktop, I use teamviewer to remote control the desktop browser from my phone. The full desktop pages load fast, no mobile site crap. All free this way.

[G+_Ryan Powell]

I can't live without 1Password. I actually got it years ago in a MacHeist bundle and paid small upgrade prices since for Version 3 and 4. I use three different Macs, 1 Windows machine, and my Moto X on a daily basis and couldn't imagine not having 1Password. Nice being able to store notes (with attachments) in the program as well. I believe they are still having a sale, too.

[G+_James Dowmont]

Msecure let's you back up to dropbox which would be, I suppose, a nice middle ground between cloud and device based. I haven't thoroughly checked it all out, as I'm not that deep into security, but I believe the backups are encrypted before being sent to dropbox. I use 2 factor authentication with dropbox which should minimize the risk of someone getting my database. Only hitch is every version of msecure is a separate 1 time purchase for 10 bucks.

[G+_Kevin Wandtke]

Suman Bhattacharya I would suggest you read the review of Lastpass Steve Gibson wrote. If Steve says he uses it it's good enuf for me the guy knows his secureity.

[G+_Alex Kruger]

Guillaume Grégoire They've gotten in trouble for lax security before. Such as clear text transmission.

[G+_Jawny Gee (JawnyG)]

Keepass, keep password protected kdbx file in drop box/Google drive, synced to all devices... done. Or use raspberryPi as your cloud, and be even more secure.