3 password managers at same time 🧐 :

My older version of a Firefox browser remember most of my passwords (I am ok how it works), but some important passwords are also stored in KEEpass and not in Firefox. Then there is a ProtonPass which can import both Firefox CSV and KeePass XML.

Problem with import and synchronization of these managers is that the

  1. Pass is not made to deduplicate the imported data (some imported logins may already be in vaults), which requires user to delete Pass logins prior importing a .csv file (importing because file contains more up to date logins).

  2. import does not contain 2FA secrets nor aliases (aliases deleted in Pass can not be restored into Pass at the time of writing - June 2024).

Firefox and Proton Pass - PROS and CONS (as of June 2024):

Quality of suggested logins:

⛔️ Firefox (old ver.) suggests all passwords saved across whole website incl. its subdomains which is messy

✅ Pass: suggests only passwords for a present page (not subdomains) = good

⛔️ Pass: does not automaticaly complete/suggest login when typing into username field and the list of saved logins is not alphabetically sorted by the username.

Speed:

✅ Firefox: shows saved logins instantly

⛔️ Pass: 1 second delay of a Proton Pass drop down menu with login username suggestions comparing to Firefox which loads immediately and gives impression that it loads even before login page finished loading. Both password managers loads at same time on user mouse click into the login field. Delay of a ProtonPass happens only when the suggestion menu should appear automatically upon loading a login page.

Registration form suggestions:

✅ Firefox: suggests previously used usernames/emails when typing, which is fine

🆗 Pass: does suggest anything when i type, as already mentioned. When I click, it suggests main ProtonMail address and allows generating unique alias which is very important key feature

🆗 Pass: password generating box shows non-important confirmation of a successfully copied password, which hides after like 2 seconds, making impossible to read the next form field during that time, which is annoying.

Login form suggestions:

⛔️ Pass: does not offer any login suggestion on a Basic HTTP Auth (.htaccess password protection of a directory) forms (popup) of mine (site: ILF admin, C*A/my)

Other:

⛔️ Pass: in Firefox i think it sometimes gets logged out requring to spend time re-login which may require 2FA auth from other device or other password manager.

✅ Pass: editing, grouping of passwords seems a bit better than Firefox

✅ Pass: Integrated 2FA

✅ Pass: Pass monitor in paid plan, password strength/leak indication

PROS vs CONS. What to do?

ProtonPass is a bit slower than Firefox, yet it has its advantages - email alias generating, 2FA…

SimpleLogin browser extension can be used for Proton aliases and if you do not need 2FA, it may be easier to stay with just Firefox, which is enough safe manager since I am already making backups of a Firefox (incl. passwords - which are also synced E2EE to the Mozilla cloud https://support.mozilla.org/en-US/kb/sync#w_is-it-secure).

Other option is to use Pass only for aliases and 2FA and inside its General settings, disable passwords saving and filling, letting Firefox do this job.

Third manager (for example KeePassXC) can serve as a backup, it can also import exports of Pass and Firefox. I guess it would be good to backup any password manager (incl. Pass) data regularly on schedule.

What are your suggestions/feedback regarding this?

  • Hanrahan
    link
    fedilink
    English
    2
    edit-2
    6 months ago

    For a few years I’ve used FF for shit that’s unimportant and Bitwarden for stuff that is, so a combination. Mainly becase I might go the entire day or three not needing banking, finance government stuff where my ID can be compromised and don’t need to open BitWarden at all.

    I use FF on Linux, Android and Windows when my partners Laptop has Windows issies

    I use Aegis for 2FA becase its easy to do a backup and store the password for the encrypted backup in Bitwarden.

    I have no idea if this is sane or efficient, its just how I do things now.