May 6 was World Password Day. Although many do not take it seriously, it is increasingly difficult to protect an online account (be it email, a website, a social network, etc.) and make sure that no one accesses it without permission. To protect our data it is vital to use different passwords that are randomly generated and considered strong. But these are difficult to remember, so many users decide to reuse passwords or use easy-to-guess ones.
It is true that remembering complex passwords is often difficult. But, to help us in this task, there are programs known as "password managers". A password manager is a database, in the form of a program, that lets us save the login information for websites. Thus, for example, we can save URLs, usernames, passwords and emails (among other things) safely, protected and encrypted with a master password, to prevent anyone from accessing them. Thanks to them, by remembering only one password, we can always have all our keys at hand.
There are proprietary paid password managers that we should avoid. We cannot entrust something as important as the keys to our entire digital life to a program when we do not really know how it works or whether it has back doors. But there are also open source alternatives, totally reliable and audited, that will provide us with the best possible security for our passwords. The two most important in this regard are KeePass and Bitwarden.
KeePass: always safe passwords on your computer
KeePass is one of the oldest password managers that we can find. This program has always set itself apart from its rivals by being totally free and open source software. After passing several audits, this password manager has proven to be safe and reliable for saving our passwords without taking risks.
Among its features we can find a generator of secure and robust passwords, as well as the possibility of saving all the keys or entries that we want. We can even save "notes" that are also encrypted when closing the database. The program is portable, does not need installation, is compatible with plugins (which allow us to add more functionality) and allows importing and exporting passwords in the main formats.
Its main drawback is that it is a program that we can only run locally. As it is not connected to the Internet (which is a security bonus), we cannot see the program's passwords from a mobile phone or from another computer. There are plugins that allow us to synchronize the database with Google Drive or OneDrive to be able to access it from the mobile. However, that unnecessarily complicates its use.
We can download the program from here.
Bitwarden: build your own cloud to save and synchronize passwords
Bitwarden is everything 1Password or LastPass should be: an open, secure and audited platform where users can save their passwords. This program allows us to create the user accounts that we want and save in them all the information that we want to manage safely. It is perfect for organizations, companies and even families. It allows you to save an unlimited number of items and also share certain information with other people.
Being a cloud service, Bitwarden allows us to access all our passwords from anywhere, with only an Internet connection. Of course, it has a strong password generator and military-grade encryption to prevent anyone or anything from accessing them. We can even activate two-factor authentication to protect access to our passwords.
Its drawbacks are, on the one hand, that it is a somewhat complicated program to configure, since it requires a Linux server (or a server with Docker containers) to set up and manage it ourselves. We must have a certain level of knowledge to be able to operate and maintain it safely. In addition, there are also some functions that, although it is open source, are paid. They are designed for companies, but this prevents us from having 100% of the program.
We can access this program from here. We can download its source code to set up our own server, or use the free web version to save passwords (although we lose privacy when using a server controlled by a company).
Bitwarden or KeePass: which one suits my needs better?
Depending on the knowledge we have, how much complexity we are willing to take on, and how we are going to use the passwords, we must choose one or the other.
If what we want is to have the keys saved on our computer, and we rarely use them outside of it, KeePass is the best option. By not having an online service that can be hacked, it is much more complicated for passwords to fall into the wrong hands. However, it is quite simple and basic, and if we want, for example, to access the passwords from the mobile, we will not be able to do it.
Bitwarden, on the other hand, is a much more complete platform. It is similar to LastPass, but totally free and open source. We will set up our own server with this tool and everything will be under our control. As long as we protect the server correctly, the passwords will be safe. And we can access them from any PC or device when the server is connected to the Internet. However, it is a lot more complicated to configure and start up, and it requires a lot more maintenance, especially to keep it updated and secure.