Small edit: I’m currently trying out Keepass, which an opensource password manager that has been around for over 10 years. It seems pretty good aswell but the user experience isn’t quite the same since it’s harder to setup and it doesn’t have any cloud syncing for linux. So if you don’ trust a newly established password manager that is closed source keepass is probably the way to go. It allows you to migrate from multiple other password managers including Enpass.
For the longest time I didn’t really follow the idea of “use strong unique passwords for every service”. One the one side I don’t really have any super important accounts (at least not that many) and all the ones that are important have two factor authentification. So I usually used pretty weak passwords and just relied on the two factore authentification. I never had any issues with it (maybe I’m jinxing it here. EDIT: I did 😛, but once again nothing happened) but a while ago I decided I shouldn’t wait until something bad happens to start using better passwords, infact I already got a number of emails from one service which told me that someone was trying to log into my account from somewhere in India, but they couldn’t since they also needed my email (Which obviously didn’t use the same password).
So I went ahead and looked for a good password manager and after a short search I found Enpahttp://keepass.info/ss. Keeping all passwords in one place is both good and really bad. For one their secured and you don’t have to memorize them. On the other hand if someone were to get access they’d have it really easy to compromise all of your accounts.
Enpass advertises itself as the “best password manager”. I haven’t used any others but for now I’m happy with it. It’s cross-platform runs on Linux, Windows and my android phone. It encrypts the entire password database with your master password and can sync across various cloud services like Google Drive.
The best thing about it is the browser addon which allows you to directly interact with enpass and transfer login information to the browser. Also it can generate passwords on the fly while creating a new account with settings like lenght, use special characters or only use pronouncable words. When creating a new account it can also automatically add the login information to the database. Obviously all that can only be done when logged in with the master password. You’ll be automatically logged out after 1 minute of inactivity within Enpass (Which can be changed). Passwords that have been copied to the clipboard will also be cleared after a give timeout.
Something that you should note is that passwords you have generated can be looked up in the password history of Enpass. I didn’t know that in the beginning an thought that the passwords were lost, since the clipboard was cleared.
To sum it up Enpass is a pretty useful tool which is free for Windows, Linux and Mac. The mobile version is limited to 30 database entries though. The only thing that can be concerning is the fact that one company could compromise thousands of accounts if they wanted to, let’s hope they don’t.