As we are using browser or some apps to login greatly e.g bank account, wallets, e-commerce, mutual funds etc.., remembering login details of each is difficult, in this case, we can store login details in browser to remember it or keep it somewhere in text file and copy paste. So question is are they safe? What are other safe ways? Recently, I checked LastPass.com and it does have browser extension but I doubt whether its secure.

I rely on browser's inbuilt password manager. I use firefox in both laptop and mobile. They've Lockwise app for Android to sync the passwords.

Bitwarden and 1password are the two best password managers right now. Some of the managers are notorious for including data trackers in their software for some reason, lastpass is one of them so I would avoid.

I use Bitwarden. It also provides you an option to host your own instance and sync passwords in between your devices. Just like Lastpass.

As per https://support.google.com/accounts/answer/6208650 Chrome uses your Google Account’s password to encrypt your synced passwords. But you can optionally add a passphrase too as way to encrypt passwords. And fortunately, these passwords can also be used to login to Apps on both Android and iOS (there’s a setting in iOS that can allow you access Chrome password along with iCloud Keyring).

I used to use Bitwarden. It was great except for the fact that it didn't autofill the details. So I had to manually click on the extension button everytime I wanted to log in. Recently, I switched to Dashlane premium. The subscription is dirt cheap if you subscribe via iOS (149Rs. Per year). It works fine but I am planning to go back to Bitwarden once my subscription expires.

Btw I use Keepass https://keepassxc.org/ to manage passwords (and other critical auth info) as it is open source, uses a

.kbdx

file to store passwords which is AES encrypted, and you can keep the file in any cloud storage to sync across devices.

@faint-energy-11966 +1 for dashlane. Been using Dashlane for 2 years now 😄

It was great except for the fact that it didn't autofill the details

I use a keyboard shortcut for this, and in fact its better than auto-filling because usually for the websites I visit most often (Github, Google, AWS console, etc.), I have multiple combinations of usernames and passwords and I can cycle them pretty quickly. Also, with regards to safety, Bitwarden gets audited by 3rd party regularly: https://bitwarden.com/help/article/is-bitwarden-audited/

+1 for krepassxc. There's keepass2android for usage on phone. I manage the file semi manually though

I use 1Password, I’m happy with it 🙂

+Bitwarden. It is open source compared to LastPass offering the same level of security and features

+1 for 1Password

I also use KeePass across my iOS, Android devices and Laptops. I use Dropbox to sync the

.kbdx

file.

Read few articles like https://www.allthingssecured.com/tips/password-security/is-chrome-password-manager-secure/#secured and it seems that password manager provided by browsers is not that much secure (?) so I'm just thinking to stop using it. Being a Linux user, I'm trying https://keepassxc.org/ which is the unofficial community driven version of KeePass. It lacks plugins support though.

The article doesn't include any technical reasons why Chrome's (or any browser's) built-in password managers are insecure, the caveats mentioned apply to general password practices as well. One issue with Chrome on Linux specifically is that password visibility is actually tied to desktop account login. Eg; if you go to passwords under Chrome settings and try to view any password as plain text, it would show you right away, while on Windows and macOS it would ask for your current user account password/pin again before showing password.

hmm, might be right but we can't blame them for any theft. It seems that we should use it to gain the advantage of automation at those places where risk is low and should use some other service / software which we can trust. Still, I understand that we are now open for a long debate.

@faint-energy-11966 Bitwarden actually has Autofill as a beta feature. You have to enable it inside the settings.