This page is a curated collection of computer hardware and software that I recommend to people. I have thoroughly researched and personally used every item on this list.
All applications listed here are free software, meaning they are released under freedom-respecting licenses.
Don’t reuse passwords. Use a strong, unique password for each online account. Aim for 13 or more randomly generated characters including letters, numbers and punctuation. Anything shorter than 8 can be cracked in milliseconds, and even passwords longer than 20 characters can be vulnerable to dictionary attacks.
I advise against using password managers that are built directly into your web browser since that restricts your choice of web browsers going forward.
The simplest method is not to use software at all! Literally write your online passwords in a private notebook and keep it in a safe place; for example, a locked drawer in your bedroom.
I realise pen and paper is plain text, but for tech illiterates who don’t trust themselves to store passwords digitally in a safe way, it is surprisingly effective. Cybercriminals are seldom burglars and vice versa.
This method is not perfect though. It is prone to shoulder surfing and theft. Also, if your house burns down or is flooded then your passwords may forever be lost.
Bitwarden is a free/libre password manager suitable for computer users both novice and experienced. There are clients available for all major web browsers and operating systems, desktop and mobile.
All your data is encrypted and stored securely on a remote server where you can’t lose it—just don’t forget your master password!
The canonical instance of Bitwarden (i.e. not self-hosted) offers paid plans, but for most individuals the free plan is plenty.
For advanced users who are comfortable using the Unix shell, managing a personal PGP key pair and maintaining backups, I recommend pass—appropriately dubbed “the standard Unix password manager.”
Pass is licensed under the GNU GPL, version 2 or later.
In addition to the included
passmenu script, I like to use the
Browserpass extension (via Debian’s
retrieve passwords from my
~/.password-store/ and auto-fill login
pages in Firefox. It is distributed under the ISC license.