Whenever a password manager is recommended to internet users, the opinion usually originates from a security expert. Even though these experts are definitely the right people to listen to, it’s often just as important to listen to the advice of the public, too.
And when it comes to people sharing their honest, uncensored opinions about password managers, there are few sources worth looking out for than Reddit users.
That’s why we took a closer look at some Reddit threads regarding password managers: like expected the results are exciting and pretty unconventional…
Big Password Managers: Torn Between Supporters and Haters
Although there is a general consensus between users that password managers are mandatory if you have multiple passwords across various websites, it’s shocking to discover that many Redditors are pretty hostile towards password management tools developed by bigger companies. The reasons for this are varied, but there are two arguments in particular that appear in almost every thread we found:
Unsafe Cloud Storage
It’s quite surprising to see how much Redditors reject the idea of storing their credentials in the cloud of big companies – despite constantly hearing about the advantages of cloud computing. In fact, the biggest concern about partially or entirely web-based password managers comes down to whether their encryption methods are effective enough at keeping hackers at bay. There are Redditors who try to explain that most password manager companies use end-to-end encryption making them perfectly ‘hacker-resistant’, yet the majority of the Reddit answers tell readers to choose a password manager that stores passwords and other credentials on the device and/or syncs offline.
Buggy Browser Extensions
Another huge concern of Redditors is how open password manager browser add-ons are to hacking. Sadly that’s something even we have to confirm: since extensions have to comply with the coding of the browser they are integrating into, it is highly likely that the plugin’s own coding will be vulnerable. Although Redditors are satisfied with how fast big password manager companies release patches should their database become compromised, they suggest users the very same thing that security experts do: turn off the browser extensions completely.
LastPass: Caught in Crossfire
Despite all of the above, Redditors don’t completely reject the option of installing a big password manager; in fact, both Dashlane and 1Password appear in a mostly positive context, with the latter usually preferred by Mac users. But opinions differ significantly on LastPass, the company that has had the biggest amount of media coverage in the past few years.
Many – especially avid KeePass supporters – have set a full-on vendetta against this company, stating that LastPass is the prime example of how not to securely store our passwords due to its web-only nature and the huge amount of bugs discovered in its browser add-ons. Defenders of LastPass, on the other hand, go as far as to declare it the best password manager, emphasizing its user-friendliness, convenience, cheap pricing policy and how fast the company reacts to data breaches.
The Winner Is Open-Source
Admitting that in certain aspects alternative password managers can be better than their traditional counterparts, it was still startling to see the dominance of KeePass, especially when the thread involved LastPass by comparing the official product to its open-source ‘nemesis’. And despite complaints about its not-so-user-friendly interface, the main message to big password manager companies is that it was not local encryption or cloudless syncing that made KeePass the number one Reddit approved password manager, but its open-source nature – in other words, the ability to immediately patch vulnerabilities.
Best Password Managers of 2019
|Editor's Choice 2019|