I personally love proton pass’s frontend app, but i don’t wanna host my data on proton’s servers(personal reasons). Is there any other password managers that support iOS, android, and browser extension, that is as good. (I tried bitwarden wasn’t good cuz on mobile I had to reenter master pass over and over. I tried keypassxc, but the frontend sucks and dealing with syncing between devices is a pain in the ass.) I appreciate everyone’s help!
Use bitwarden, go to Settings -> account security -> unlock with pin and turn it on. If it’s already on, toggle it off then on. You will be prompted to set your pin. Dont forget your master password.
I wont :) I should give bitwarden another try.
After you eventually settle on bitwarden, rotate all passwords and uninstall or clear out the contents of other password managers. From your replies in this thread it seems like you’ve used many different managers.
I’ve switched 5 times in one day
I use ExpressVPN and their PW manager. I love it. It also has 2fa keys. Super dynamic and has worked on a few different phones I’ve had as well as browsers (Vivaldi, brave, etc)
I wouldn’t trust any of those vpns that do a shit ton of youtube sponsors. You should try mullvad.
not aware of youtube sponsorships or why that would matter. I’ve used it for like 4 years now and have had no problems.
Keepass is good, with Synching you can synchronize everything better
I don’t understand your issue with needing to enter your master password repeatedly with Bitwarden. You can use biometrics or a pass code to sign in on mobile. It’s pretty easy to enable in the settings. You enter master password once, turn on passcode or biometrics and then that’s it.
For me, I’m extra paranoid… Someone can forcefully unlock with biometric
there’s the lockdown or similar feature at the phone level in Android and iOS
if you’re in a situation where you don’t want someone to access Bitwarden, then you probably also want to stop them from using your browser with all the cookies and logins it currently has
so temporarily block all biometric access on your phone in such cases, and merrily enjoy biometric access when you’re physically safe again
on Android, it’s Power + Volume-Up, then Lockdown
Same on iOS too. Same buttons.
i think you can alsk yubikey
You can set a pin as an alternative. Pin would be easier to brute force but no different to a password when forcefully unlocked by coersion.
Whats wrong with keepass. I’v been syncing with syncthing for years now. I still don’t know why frontend matters is not like you will use it every 10 minutes
I get to keep the ass? I should switch to that.
Idk it was so bad it was annoying me, when I tried. Maybe I should force myself to use for a month, and see the results.
Ive found pencil/pen and paper and memorization work (ive been got by a bad download they cant scrape the paper) its old school but its pretty good not all eggs in one basket kind of thing
Good luck, but I still recommend encrypted offline strong passwords
All good until your house burns down/floods or something.
Dizzyam. nice call. i didnt think of that. Those could be a problem but the pass words a quick grab away so if im alive they ok(flood would be worst clothes get wet. Fire im out the window) ill put them in zip locks.
If they are serious passwords, look at putting them in a fireproof bag.
Otherwise, what happens if something happens when you are out?
Nice Thank you this is good thinking
Doesn’t have to be your main copy (those bags are annoying to use). But put a copy in there at least (and keep it up to date with the important ones)
DON’T put the paper in a plastic organiser etc, plastic melts/burns at lower temperature so can ruin them even if the bag would have otherwise been able to protect them.
What’s wrong with having your data on proton’s servers? I thought the app and browser extensions are verifiably only sending encrypted packets? Or do they only encrypt your password and send metadata as is?
I wanna use a different proton service, but using 2 services from proton is a bad idea.
Why
Use one service for one thing, so that when it gets disabled, only that one thing is affected.
https://ignorethecode.net/blog/2025/06/11/stop_uploading_your_data_to_google/
That’s fine as a general guideline, but does not need to be a steadfast rule. You can use your own judgement. I like ProtonPass’s SimpleLogin feature so I use that for email aliases. Its so nice and convenient.
I tried bitwarden wasn’t good cuz on mobile I had to reenter master pass over and over
Setup fingerprint unlock and enable it in Bitwarden.
KeepassXC
If it can help you, I’m in the process of choosing a password manager for my small company and asked this (awesome) community for help.
I made a table with the results so far. You can find it here : https://sh.itjust.works/post/52850975
I’m still lost, but I hope it can help you…
I don’t know if Syncthing is available on iOS but this works great to sync Keepass’s database between Linux and Android.
Synctrain is an ios syncthing client. It works great!
Good to know, thanks.
If your main concern is usability, 1password works pretty well. The downsides are it’s paid, closed source, and I think they removed the option to use a local vault, so it might have to be cloud.
I’ll check it out. If it’s cheap I might be willing to try it. Its not like proton is FOSS.
WDYM? Isn’t it?
Only the frontend. Not the backend, so you can’t self host without modifying both browser extension and mobile app, along with rewriting a server from scratch.
Okay fair enough, but that is at least slightly different than saying Proton isn’t FOSS, but I understand.
They have a pretty good FOSS standing and audits for software they distribute. While that doesn’t make it easy to host privately, it does make it trivial to see how data is shipped to their servers.
Bitwarden, is still the way to go. I say this as a proton customer. I’ve learned to work around it’s small annoyances
On mobile, I had to reenter the master password ever time I filled in a password. With a really safe, long, password, it was torture.
That is something you can configure in the settings for the mobile app. To ask for the master password every time is default behavior, but it can also be set to a PIN or biometric instead.
