I have recently started using LessPass for all my important accounts. What is LessPass? It’s a password manager, but unlike other password managers, it doesn’t actually know any of the passwords you have stored in it.
Okay, that doesn’t make any sense. How does it actually work? It securely hashes the settings you define, including the site name, username, “master” password, and some other things such as the number of characters in the password, and allowed character groups in order to generate a secure password. It does all this within your browser and without contacting a remote server. This is where things get interesting. Instead of saving the password, you just enter the same information again, and it regenerates the same password. You can set up an account with the LessPass Database which will let you store the settings for many sites and quickly recall them. It still does not remember your master password, and therefore has no way of actually getting the final passwords that it spits out. Of course, if you still don’t trust it, the database account is completely optional, and you can host your own pretty easily too. I really like LessPass, it allows me to never use the same password for any two sites like I am always told, have a nice password manager, and still not have any of my passwords stored in any databases. I think this is a far more secure system than LastPass or any other password manager on the market.
If that sounds cool to you and you want to give it a shot, you can try it out over at https://lesspass.com/. There is an applet you can use in real time right on the site, and you can also install it as an extension on Chromium and Firefox based browsers. There is an Android app for it too so you can always have your password manager with you. Of course, it’s also all open source and on GitHub (both the applet and the database) so you can host your own or make any changes you like.