Help me find a place to store these 100 passwords

21

I’m planning to switch from iPhone to Android but I don’t know what to do with my 100 passwords saved on my iPhone. There’s no way I can access those passwords online – I have to have an Apple device to access them. So I must move my passwords elsewhere if I plan to no longer use an iPhone.

 

For Android, one obvious choice is storing passwords in the Google Account. But there are two problems with this. One, there is no way to manually add new passwords in Google Account. There are 100 passwords and it would be a pain to visit each website and log in just to have Chrome save that password. And two, all passwords are fully exposed in Chrome when logged in with a Google account. There is no extra authentication step to view all the passwords.

 

I could use Microsoft Edge on Android and save my passwords in my Microsoft Account, but Edge has all the same problems as with Google/Chrome when it comes to passwords.

 

I could also save passwords in Windows and access passwords from there. There is something called Credential Manager in Control Panel. All passwords saved in IE/Edge get saved there, under Web Credentials. The good thing is that it requires authentication to view those passwords. But unfortunately there’s no way to manually add passwords which I must do.

 

The only option left is using a third party password manager, and to me that is that worst option. I would rather have big trustworthy companies like Apple, Microsoft, Google, Amazon keep my passwords and other sensitive info than all these little companies that might go out of business any day. Aside from having to pay a monthly subscription fee, the requirement of all these third party password managers is to create and remember a Master Password which, if you forget, you lose all your passwords. And this Master Password should obviously be strong enough so no one can guess it, having upper/lower case letters, numbers, non-alphanumeric characters, etc. etc. How am I to remember such a long and complex password!?!

 

Apple’s method of saving passwords is excellent. All passwords are secure, require authentication to view them, sync seamlessly between (Apple) devices, and best of all, you can manually add new usernames/passwords without ever having to visit the website. But if I move to Android I will need another means of saving my passwords, hence my need for your valuable advice in this matter.

Comments (21)

21 responses to “Help me find a place to store these 100 passwords”

  1. wright_is

    I use LastPass. With premium, I can even use my NFC Yubikey as 2-factor on Android and per USB on my Windows and Linux PCs.

    1Password is also good, I've heard.

    Both can be installed on iPhone so you might be able to migrate the passwords over or copy/paste them? I've no idea, I haven't used an iPhone in donkey's years.

    In LastPass you can add a new password without visiting the site, although it will ask for the default URL (so that it can go to the site if you click on it and so that it recognises the domain when you visit the site to automatically suggest the correct password). You can also store multiple passwords for one site - E.g. I have my business Office 365 account, private Outlook/Office 365 account, plus half a dozen other accounts for logging onto Microsoft websites. Each is stored separately, but with the same URL, LastPass then offers me a drop-down list when I visit the site and try to log on.

    I'd rather have an expert in password security than a huger advertising or data slurping company looking after my passwords. ;-)

    With LastPass, and I assume the others, you can print off a one-time password list, so that if you forget your password, you can use the OTPs to get back into the account and set a new master password.

    My Password is somewhere over 20 characters long, but I use a scheme to create a password that I can easily remember. It is long, meets the complexity requirements, but isn't just a random jumble of characters, but also isn't a sentence or related words.

    • bill_russell

      In reply to wright_is:

      I'd rather have an expert in password security than a huger advertising or data slurping company looking after my passwords. ;-)


      Right, slurping passwords and other random text in documents as a basis for showing people those ads they secretly REALLY want (rather than just stuff they search for and look at) , while having about a billion eyes on your company at all times, risking a good reputation makes SO much sense ;).

  2. coeus89

    I have been using LastPass on Windows, browsers, and Android for like 4 years without issue for what that's worth. I highly recommend it.

  3. waethorn

    These people don't know what they're talking about.


    LastPass has been hacked. MANY times.


    If you want good security, here's some things you do:


    1) Don't "sync" passwords. Sync protocols are horribly insecure.

    2) Don't store passwords in your browser. Browser makers can't be trusted with security.

    3) Don't store passwords in the cloud, for the same reason as #2.

    4) Use 2FA or hardware password locker USB keys.

    5) Use something that has open-source software so that the code can be fully audited by anyone. The use of closed-source software means that you're taking a risk that there's an unchecked security hole, or worse, an intentional backdoor.


    Anything less, and you might as well just use 12345 as your password.

  4. Paul Thurrott

    The Wirecutter recommends 1Password, but it's not free. The best free option is LastPass Free.


    https://thewirecutter.com/reviews/best-password-managers/

  5. BigM72

    If you don't like third-party password managers, you can build your own using KeePass.

    Personally, I just use LastPass, it's free, it's convenient, LogMeIn makes enough profits and I can easily move to 1Password some day if I needed to.

  6. bill_russell

    For personal use, just keep them in a reputable cloud spreadsheet (like gdrive sheets) where the account is protected by 2 factor. Its not as convenient as a password manager that auto manages them but its worked for me and I like to be in control of it (as well as not wanting a monthly fee). I also use a password that isn't super long and crazy, memorable enough and easy enough to enter even on a phone but then you know if someone is trying to hack into it, like if they somehow brute forced the password you would be getting 2 factor attempt notifications.

  7. lwetzel

    Ok tried to post another choice but had a hotlink in it to a site. Must have a control in place to not allow that (and I understand that.)


    Look at Codebook by a company called Zetetic LLC. Been using it since PalmPilot days. Used LastPass but gave it up because I can keep my data locally and sync with any device Windows, MacOS, iOS, or Android.

  8. jimchamplin

    LastPass and Lockwise from Firefox are both good options I’ve found. LastPass integrates with desktop Chrome as well with an unobtrusive extension.

  9. OurManInNY

    I'm a big fan of Bitwarden, which works on iOS, Windows, Mac, and Android.


    I used LastPass for a few years but they pretty much dropped the ball on updates for a long while.

  10. earlster

    I'm with everybody else here, a 3rd party password manager is the way to go. As for your question on how to remember that strong password for the password manager? Write it down and keep it in a safe place, maybe even multiple copies if you worry you will forget where you put it. Day to day you won't need that password, on Android your fingerprint will unlock lastpass (and probably other password managers, too), and on a PC there are similar options to not need it everytime.


    Lastpass also allows to export your passwords, which then again you can safely store on a thumbdrive.

  11. sentinel6671

    You need to seriously consider a password manager, as others have mentioned. Your arguments against them are, frankly, foolish. My family and I use Lastpass. They've been around for years and aren't likely going anywhere.

    • maktaba

      In reply to sentinel6671:

      I never argued against using password managers, only third party ones. I do use the native password manager in iOS. And I agree password managers are important.

      • evox81

        In reply to Maktaba:

        I think his point was that your reasoning for avoiding a 3rd party password manager isn't really a valid reason. Companies like LastPass have been around for years, and are proper, viable companies in their own right. They're not going anywhere.


        As such, if you're using a disparate collection of devices, or may consider switching ecosystems in the future, why make it more difficult on yourself? Just use a 3rd party password manager and make life easier for yourself.

  12. wunderbar

    the big 3rd party password managers are absolutely trustworthy, and I would argue more trustworthy than google/microsoft, etc when it comes to password storage.


    LastPass and 1Password are the way to go here. trying to cobble together any other solution is making things more difficult than they need to be for no reason.

  13. simont

    Password Managers are your friend. Work across every platform and have the ability to generate very secure passwords. Some also work with www.haveyoubeenpwned.com to let you know if a web site has been hacked.


    I use LastPass but I have heard good things about 1Password as well (Brad uses 1Password).


    Both have free versions and paid versions with extra features.

  14. minke

    I've tried LastPass, Enpass, Bitwarden, and various versions of KeePass. I've been using Bitwarden for over a year and like it. In particular, I value being able to store the codes for all my 2FA authentication sites which means it is easy to reset up Google Authenticator if I change phones. The Android app is pretty simple, but works well. Includes fingerprint lock, which is nice. I store important passwords in Bitwarden, and keep less important ones in Chrome for easy login to forums, etc.

Leave a Reply