I see that today Apple have updated their iCloud for Windows App to now also include Password Manager as well.
So, for those of us on a split iPhone/Windows setup, that’ll be useful.
1 Like
I continue to use and enjoy Dashlane across my iPhone/iPad and Macbook) and earlier this year also upgraded to a family subscription, so immediate family and partners are now also using.
Dashlane did announce that the were moving to web only and retiring desktop apps but they have now changed their minds - certainly for macOS - as they have just launched a catalyst app. Ive been using it a couple of days (on iOS 15 beta) and seems good so far!
One feature I like - but sometimes worry if it is a good idea or not - is the integrated 2FA workflow so getting both password and the 2FA code auto populated! I would be interested to know what others think about the merits/security of that?
Personally, I keep them apart. A password manager for passwords and an authenticator app for 2FA.
That way, a compromise of one doesn’t affect the other. If they are provided by the same service, there’s a bigger risk of both being compromised (although I recognise the chances are very slim)
I feel better doing it this way. You can’t be too careful.
1 Like
I actually paid for Premium on BitWarden a few months ago. It’s really cheap but it’s kinda pointless unless you’re big into 2FA codes - but I tend to use Microsoft Authenticator as it gets the push notifications through as well.
I don’t think I’ll renew Premium when it comes round to it.
1 Like
Mines all under one app, no messing about having to open anything else, nice and secure I doubt my info is going anywhere to be honest.
I’ve been using BitWarden since the big hoo-hah surrounding LastPass a few months(?) ago.
All working very well, until the past few days when it will occasionally crash out and needs a reboot to resolve. I’m blaming the fact that I’m running iOS 15 beta, so my own fault really.
I’m with @davidwalton on keeping passwords and 2FA separate - I use Authy for the latter.
2 Likes
Presumably your password manager has 2FAA to set up on new devices? In which case I think for most people, the system of secure, unguessable password plus a 2FA code you get through your password manager is surely secure enough.
If you lost your phone and someone got in and could access your password manager then presumably they could also access authy or whatever you use so that’s somewhat moot.
There’s a niche situation in which separate 2FA codes are better - someone steals a device other than your phone, accesses it, and also accesses the password manager. This shouldn’t really have been possible if you used secure device and password manager passwords though.
That’s a good shout, I totally forgot about premium and I do have quite a few 2FA codes.
Do they use their own Authenticator? I use Googles at the moment, so it would be ace if it would work with that.
You can just put them all into BitWarden and it’ll generate the codes for any logins.
BitWarden emails me the one I need for accessing itself, everything else I’ve got is within that app.
Put them all in? As in import? or would I manually have to do this 
I’m going to do some Googling and I’ve just found that it works with Steam Guard too which is ace! 
https://bitwarden.com/help/article/authenticator-keys/#steam-guard-totps
1 Like
Sadly, this isn’t the case. Running 1Password 7 and 8 Beta next to each other makes this abundantly clear.
8 takes 4-5x longer to launch the main app, and uses around 5x the RAM (c. 100Mb → c. 500Mb). I can tell immediately it isn’t native. Scrolling feels broken, and resizing windows forces the whole UI to redraw to accommodate. About the only thing that Electron usually screws up that 1Password has mitigated is the keyboard shortcuts still appear unscathed.
I think you’d have to go through the process of reassigning the OTP option to Bitwarden. I’ve not seen any where you can just do a straight transfer. So a small faff to start with.
Yeah I’ve just been Googling and couldn’t find a way 
Last question because it didn’t cover this in their guides… Are the 2FA codes stored on my account like all my passwords are? If so that’s a big plus over Google because theirs are only stored locally so if my phone died I’d be screwed.
Yep, I can access them through my browser when using laptop. Also when you’ve got a token stored on BitWarden, once it’s gone through copy and pasting the login details into whatever website or app, it then copies the OTP into your clipboard. So as soon as the prompt comes up asking for it, you’ve already got it ready to paste in.
1 Like
That’s me upgrading then and an exciting evening re-setting up all the codes in Bitwarden 
4 Likes
You can add them by scanning QR code when it comes up or you can take the link it gives you and paste that info the web app version. Either way nice and easy just the time consuming bit
I’m in the premium club 
It cost £7.32 for the entire year after conversion 
which is worth it alone just for the auto-filling and storing of 2FA codes.
Nevermind all the other stuff it comes with like the ability to send files securely that auto-delete themselves. It’s like having my own wetransfer but better.
2 Likes
I was thinking of moving away from Dashlane with the removal of their Mac app - but the new catalyst app seems really good. As well as keeping the Mac app the performance in safari is much better, a nice surprise.
SecureSafe
Hey all. My LastPass is due for renewal next month and it’s shot up from £25 to £37
Any better alternatives?