YOU’LL NEED THIS
A COMPATIBLE WEB BROWSER
Administrative rights to set up the password manager
IN LATE 2023, cybersecurity blogger Brian Krebs reported on the November 2022 breach of LastPass’ database, wherein the password vaults of 25 million users were stolen. Citing a recent spate of cryptocurrency thefts to the value of $35 million from security-conscious people in the tech industry, Krebs speculated that at least some of LastPass’ vaults were cracked.
It’s hard to tell if this is true because, like many password management platforms, LastPass isn’t fully open-source. Proprietary software can’t be subjected to public scrutiny, so it’s difficult to verify server-side claims like ‘zero knowledge encryption’. Open-source software is built on the philosophy that ‘many eyes make bugs shallow’, making it the gold standard for privacy.
In this guide, we’ve focused on three of the very best open-source password managers. By making the source code freely available, the developers are providing the best assurance that the software lives up to its claims. We’ll also focus on what KDFs (key derivation functions) are used, along with which encryption algorithms are deployed for saving sensitive data.
You’ll also glean tips on creating a strong, memorable master passphrase, and learn why you really can’t rely on your browser’s built-in password manager.
1 BITWARDEN
First release: 2016
Supported OS: Linux, macOS, Windows
Chrome, Firefox, Safari, Edge, Opera,