Internet is the need of the hour. Everyone is trying to get on the Internet for making life easier for themselves and their loved ones. Today, nearly 60% of the World’s population uses the Internet. Nearly 8,75000 new Internet users connect to the Internet every day.
Each new user starts creating new accounts the moment he/she gets on the Internet. Facebook, Gmail, Instagram, and what not? In a period of a few weeks, a user can have more than a hundred accounts. Each account is locked with a username/email and password.
It is difficult to remember hundreds of passwords. So users often use the same password in all accounts without knowing the risk of losing all their accounts.
From phishing attacks and sending malware in an email, hackers try all advanced attacks to trick users into exposing their username and password. On the other hand, the services that we sign up on using the same password are at constant risk of leaking users’ data. Just one vulnerability is enough to lose all users’ data into hackers’ hands.
Once hackers get somebody’s username and password, they try these credentials on other popular services such as Gmail, Facebook, Twitter, Instagram, and more.
HaveIBeenPwned is an extremely useful tool to find out where your personal information has been compromised ever since you started creating accounts with a particular email or phone number. It keeps track of hacking incidents. A user has to enter his email or phone number and the site will search its database to find out if the email or phone has ever leaked in any hacks.
As you can see the above email address has been leaked in 11 data breaches. It means hackers know this email address.
If you have been pwned, hackers may send you spam emails to trick you into giving your information or downloading malware on your computer. Hackers also try to authenticate on other popular services using the compromised email and password.
In case you are using the same password on multiple accounts, hackers will eventually try that combination sooner or later. Now it is just a matter of time.
So when it comes to securing your account credentials, use complex and unique passwords for every account you own. Because of this, password managers have also become the need of the hour. Password managers are built to not only keep your hundreds of usernames and passwords secure but also easily create complex and unique passwords.
In this article, I will review the best password managers for Linux. The password managers I am going to mention, I have used them all for a period of time before staying with the one that I think is the best password manager for Linux.
When we use Chrome and Firefox, we find ourselves trapped with one web browser. Passwords managers provide more features and we do not have to stick to one web browser. Password managers allow us to use whatever web browsers we want and provide sync our data with the browser.
Online & Offline password managers
Password managers create & store your passwords. It is a big challenge for developers to keep this valuable information safe. Companies regularly audit the security of their software to keep their system up-to-date.
Password managers are mainly divided into two categories, cloud-based and offline password managers.
Most cloud-based password managers encrypt your data with the master password of your choice and send the data on their servers. Now you’ll have to trust them for the safety of your data. To build trust among their users, companies keep informing them about the security practices and the technology they use to keep their data safe.
On the other hand, there are offline password managers. Offline password managers can create and store passwords offline, encrypted with a master password. Users get an encrypted file that they can save anywhere they want. Save it to any cloud storage or locally.
Security is the topmost feature of all password managers. All password managers encrypt password vaults with a strong encryption key either set by the user or the password manager itself. It is pretty much impossible to break the encryption.
Although, one can guess the encryption key or master password if it is weak. So it is highly recommended to set a lengthy and strong master password for your password vault.
Password managers are locked with one master password. Master password has to be complex and lengthy. Users only have to remember the master password to unlock all the passwords. Two-factor authentication is an additional layer of security.
Password manager does not decrypt secure password vault unless the user enters a one-time password. Most password managers provide two-factor authentication or even multi-factor authentication feature that must be enabled by the user.
You can get OTP through SMS or set up 2FA applications such as Google Authenticator and Authy.
With multi-device support, users can get their passwords across all devices. On phones, it is a little tedious to type passwords so password managers help create strong passwords just with a single click.
Generate strong passwords
Strong passwords mean safer internet. Creating complex passwords does not just mean lengthy. Your passwords should be a combination of uppercase & lowercase letters, numbers, and special characters. Lengthy passwords but only characters or numbers can be guessed by bots.
Password managers can create a strong password and auto-fill it in the password field. Users can also choose the password length. A lengthy password with uppercase, lowercase, numbers, and symbols is impossible to crack.
Dark Web Monitoring
Password managers also monitor if your data such as your email id or phone number leaked in any hack. Dark web monitoring is a marketing term and does not mean they scan hidden services on the dark web.
If your email id or phone number has been leaked in any hack, password manager will inform you about it to take immediate action to secure your account. You can change the password of the leaked account and change the password of the accounts where you used the same password.
Password sharing is common among family members and friends. Using Whatsapp, Hangout, Facebook and other methods to share your plain-text passwords is extremely insecure.
Password managers can easily & safely share password(s) with friends & family.
Best Password Managers For Linux
Bitwarden is the most affordable password manager. It provides almost all basic features free of cost such as unlimited passwords, sync passwords across all devices, strong password generator, and an option to self-host passwords.
Its premium plan costs only $10/year that’s less than $1/month. Premium plan provides more options such as Bitwarden authenticator, Emergency access, Encrypted file attachments (1GB), Text and file sharing, Two-step login with Yubikey, U2F, Duo, and overall password health report.
Bitwarden also provides a client for Linux distributions. You can also install a browser extension to use the auto-fill password feature, generate passwords easily, and many other features.
LastPass is a featured-rich password manager available for all web browsers as an extension. It provides a free basic account with unlimited passwords, Two-factor authentication and multiple-factor authentication, secure notes, dark web monitoring, multi-device supports, generate strong passwords, password sharing, and so on.
The best feature of LastPass is that they allow saving unlimited passwords with the free plan. So once you signup and stop premium subscription, you can continue using it as long as you want.
LastPass premium membership costs from $3/month and family plan costs $4/month.
Dashlane provides similar features but it requires a paid to access most of the basic features. It encrypts passwords, has two-factor authentication support as an added layer of security, allows users to save unlimited passwords, can be installed on multiple devices, generate strong passwords, dark web monitoring, password sharing, and so on.
One thing I dislike about Dashlane is that they allow only 25 passwords in free plan. If you have more than 25 accounts, you will have to subscribe to their premium plan.
Dashlane premium plan costs $3.33/month and family plan costs $4.99/month.
Enpass is a password manager available for free on desktop. Yes, it’s free on desktop. With all the above features, Enpass provides its users complete access to their password managers. It allows users to store their passwords on cloud services of their choice.
Users can use OneDrive, Dropbox, Google Drive, Box, iCloud, Nextcloud, WebDAV, and Folder Sync.
Enpass also has a desktop client that one can install on any Linux distribution that supports snap applications. One disadvantage of Enpass is that it does not provide two factor authentication with free plan.
Enpass individual plan starts from $2/month and family plan starts from $3/month. Enpass also provides one-time plan that cost $79.99 and enjoy all the upcoming features for the entire life.
KeepassXC is a free and open source offline password manager. It securely stores your passwords and generate an encrypted file that users can store anywhere. KeepassXC can create strong passwords, save unlimited passwords, and web browser integration through KeePassXC-Browser extension.
It is a cross-platform password manager availbale for Windows, Mac, an all Linux distributions. Use package manager of your distribution to install KeepassXC on your distro.
1Password is a paid-only password manager. Although you can signup for a 14 day free trial to test its features. With regular features like unlimited passwords, two factor authentication, multiple devices support, etc. 1Password has a unique feature called Travel Mode.
Travel Mode as the name suggests can be turned on while travelling across borders or any area where you think somethik unexpected may happen. Travel mode will remove all the vaults from your devices. It will only keep the vault that you have marked as safe for travel.
Once you’re back at home, you can turn off travel mode and your vaults will be back.
1Password also requires at least two passwords to authenticate into your account. First is the secret that is created on account signup, and the other is the master password. Besides these two keys, activate 2FA to further secure your 1Password account.
1Password premium membership starts from $2.99/month. Family membership costs $4.99/month.
|Unlimited passwords||Paid plan only||Yes||Paid plan only||Yes (On desktop only)(Paid on mobile)||Yes||Yes|
|Multiple devices||Yes||Paid plan only||Yes||Yes||Yes|
|Generate strong passwords||Yes||Yes||Yes||Yes||Yes||Yes|
|Dark Web Monitoring||No||Yes||Paid plan only||Yes||No||No|
|Passwords sharing||Paid plan only||Paid plan only||Yes||No||No||With family plan only|
|Cloud sync||Yes||Yes||Yes||Yes (User choice)||No||Yes|
Password managers for Linux help a lot in protecting your passwords and create strong passwords. The reason why I don’t use built-in password managers is because I do not want to stick with one browser. Your web browser play an important role in your online security and privacy. Whereas most of the web browsers are either based on Firefox or Chromium.
I prefer web browsers that provide the same security with additional protection for my privacy. I use Brave web browser, a privacy-focused web browser.
Using a third-party password manager allowed me to easily transfer from Chrome to Brave. The password manager I use is LastPass. It keeps track of my vault health, provide basics features free of cost such as unlimited passwords.
The other password manager that I have used for a long time is KeePassXC. It is a free, open-source password manager but it lacks an official client for Android and iPhone.