What password manager does everyone use?

Yes, otherwise they wouldn’t spend the money they do on brand design.

Sounds like you’ve never had to deal with a Marketing department

It’s obviously not a major issue, but there is a reason brands care about their identity. I doubt Monzo is going to come out with a logo with an abstract Z symbol anytime soon as that wouldn’t exactly represent their brand.

With nothing but this, it’s obvious it’s Google.

True. But then you get the issue where essentially all of their apps look the same at first glace. I like how Samsung does use a different colour for them all. Makes it just a bit clearer if you aren’t paying too much attention.

To be fair, many of those features tend to get absorbed into another app or service, but they still clearly love to throw random stuff at the wall and hope something sticks.

I went to an outdoor market last weekend, probably the closest I’ve got

They might if they made 100 different apps!

Just a heads up, 1Password is now doing a year free for students (vs 50% discount on the first year before). I just added it to my account and it refunded my remaining months to my account credit to put towards renewal in a year.

Is there any reason why I shouldn’t just use Chrome/Google as my password manager? (other than some people just not liking google)

Lots of reasons.

• Doesn’t categorise
• Doesn’t support anything beyond passwords (eg. addresses, cards, passport, driving licence etc)
• No 2FA auto fill
• No way to improve auto-fill accuracy. EG. on subdomains you can be more specific which logins apply to where

Start looking around at 1Password and Bitwarden features. You’ll see

Thanks for the response but I think those may be reasons to go with something else rather than reasons not to go with Google, if that makes sense.

I don’t feel the need to categorise my passwords. Once I’ve saved a password I don’t want or need to do anything else with it and Chrome/Google definitely has autofill for names and addresses.

Yeah it makes sense. If you don’t need any of those then I don’t think there is anything fundamentally wrong with Google.

I have thousands of logins so I need structure and a clear separation of work and personal ones too. The other things I listed all help make life easier but again if you don’t have that many or a need for it to store other details then that’s fine.

It’s a push of a button to migrate between all password managers so don’t worry about making a wrong decision or outgrowing etc.

Feature wise, the biggest reason would be that it only works in Chrome, which is obviously a bit limiting, ie it can’t fill in passwords on your apps or programs. Other features mentioned above plus family sharing etc.

Security wise it’s not zero-knowledge and browsers are very common targets for malware like dodgy extensions, they are commonly left logged in to on devices, generally it’s not nearly as secure.

I guess it depends how paranoid you are. It’s much safer than having one password for everything and protects you from the most common type of attack, which is people cracking that one password you use and selling it online. It still has significant vulnerabilities.

Out of interest, is anyone finding more and more than Password Manager extensions for Chrome/Edge seem to be struggling to actually fill in username/password details on websites?

I was using the icloud extension but found more and more websites it would recognise that it had the right details, but when I clicked it to select the account, it wouldn’t be able to actually input the details into the username/password field. So, I switched to Microsoft Authenticator, and found the same issue. So, switched to Lastpass and found the same thing.

Is if my installation of the web browsers? Or is Google getting sneaky with these sort of extensions and making them less reliable so that people just stay with the default Chrome Password manager?

My Bitwarden Chrome extension (Windows 11) works 100% of the time, all the time.

No issues here with 1Password on Chrome/Edge and Bitwarden + Keeper on Opera

Historically there have been a number of issues with integrated browser managers allowing bad actors to either trick the app into revealing credentials, or bypassing the security entirely and dumping the whole vault.

Most of the password blocks employed by these browsers to “secure” your passwords (like OS password) have easy bypass methods an attacker can use to gain access to the vault. I’ve had to do this to recover someone’s lost credentials for them before and it’s extremely trivial.

For password managers they have one job and it’s in their interest to keep your data secure. Google is fundamentally an advertising company of which you are their product, so it’s more appealing for them to focus on selling your data than securing your account.

Of course they won’t deliberately expose your passwords but you can see why a difference in motivation might not keep them on the bleeding edge of securing your passwords when there’s money to make elsewhere.

Google don’t sell your data any more than Apple does.

And they are extremely incentivised to keep your data secure by the fact that a major breach could be catastophic for their reputation.

I’m pretty sure they’re also ahead of pretty much all the big players in launching pass keys. Their account security tools are generally excellent.

True, I wouldn’t trust them with my password vault either. cough iCloud breach cough