Password Manager

John_G

Hi.

After many many years with Bitdefender I have finally been forced to 'upgrade' to the password manager, from the wallet. Thank goodness I am using the trial version first as it is not worth purchasing. Having a password sitting in a open text document all day is not really my way of being more secure.

I would just like to find out from other users, who are probably as frustrated as I am with the password manager, if there is another 'stand alone' password manager that can be used. At the stage I would like to keep the other Bitdefender components, but the password manager in it's current form is not and option.

Thanks - John.

David B

Jon,

I wish you the best of luck. I hunted for months trying to find something that I'd be ready to trust (i.e. recommend to colleagues both Tech Savy and Not.) Alas I couldn't find anything. As a final "nail in the coffin," from what I've found all of the big time competitors have gone the same route.

I'm not too sure how much I trust having the credentials stored in an online database, but my previous statement hasn't changed. It's basically one of those situations of "it it what it is.'

Alexandru_BD

Hello,

I believe it goes without saying that Bitdefender has never sacrificed security over easy fixes. We work in an environment where reputation is key to keeping the front door open. As such, we can’t afford to cut corners. When it comes to password security, It’s not just passwords that are being encrypted, but whole data sets, like urls, domain and usernames, credit card data, notes, identities etc, If someone should get ahold of the users’ encrypted data, it would simply be impossible for them to pick just a particular website password to crack, since there are no details about which information this particular data set contains.

Encryption keys are not generated from the user’s master password, but through derivations of data including a strong random key. Instead of PBKDF2 we use a much more secure hashing function called ARGON2ID.

Sensitive user data does not leave the device without being encrypted in a secure way. We encrypt and decrypt everything locally, so the cloud service has no way to decrypt the data without the user’s master password and the keys which are generated locally.

Password Manager is using an end-to-end encryption system, which means all data is encrypted and decrypted only locally on your device. The product is ISO 27001 and GDPR compliant.

To conclude here, I think there is no doubt that Bitdefender currently offers the safest way to secure your passwords. Look no further but if you do, make sure to do a thorough research before choosing anything else.

Regards,

Alex

gbillings

This is a relatively recent thread and wanted to add my feedback to BitDefender Password Manager - I am coming from BitWarden and the migration process has not been great. I have evaluated a few security suites and have chosen BitDefender - but the password manager is not up to snuff vs. BitWarden. I don't have the ability to purge all my records - so I deleted 300+ entries manually. Bitwarden lets you save multiple URL's and Android app's per login and Bitdefender just can't deal with them - it creates new login entries for each URL - so I have six Adobe login's in my vault. After purging and re-importing...... I somehow got the same result. Makes the bitdefender reporting tool showing duplicate passwords useless. None of my 2FA's came over during either import. I was kinda of expecting that result but looking at the csv from BitWarden, it has the key's so....

The android app - if the phone is in dark mode, the app needs to support dark mode of the vault items. It's possible it's my phone but I don't think so.

Why isn't there a full blown web interface for Password Manager? The project team should take a look at BitWarden's UI/UX and see about replicating the ease of use.

Also, on the android app, there is a quick toggle to open the password manager, but nothing to force an autofill - I used this quite often on Bitwarden when the app or login via a browser wasn't auto detected

Regret

Honestly, i second the interface criticism. (Third?) I am coming from RememBear so i am already feeling the loss of the cuteness. But the import was painful even though RememBear has CSV export. And the inability to do any sort of database management or editing is a really deal breaker.

Yes, i miss my Bear. But i am not sure i am willing to pay any money if i can't get at least equal functionality without the reassuring Bear.