21
Feb
pwb

I only know one password: my master password for LastPass. There's absolutely no possible way I could ever memorize all the passwords I have across various sites on the internet (well, maybe I could, but I don't want to). Simply put, password managers are a godsend.

If you're not into LastPass for whatever reason (or just looking for something new), it may be time to check out PasswordBox. It's basically on par with LP when it comes to price ($12/ year) and having you covered across multiple devices (Android app and Chrome extension), but as of the most recent update to the Android app, it also boasts a feature that LastPass can't hold a candle to: one-tap logins. It's killer.

It really works like that too (for the most part, anyway) – once everything is set up, open an app and let PWB do the rest. Not all apps are supported right now, but they claim roughly 80 percent of the 1000 top apps are already covered. That's a damn good start.

Of course, LastPass has its dedicated keyboard that can auto-fill usernames and passwords as well, but this method is far more elegant. It's literally one tap.

1 2 3

While the premium version of PasswordBox is $12/ year, there's also a free version that allows for storage of 25 passwords if you want to check it out before ponying up the cash. You'll find it at the widget below.

Cameron Summerson
Cameron is a self-made geek, Android enthusiast, horror movie fanatic, and musician. When he's not pounding keys here at AP, you can find him spending time with his wife and kids, plucking away on the 6- or 7-string, or watching The Texas Chainsaw Massacre on repeat.

  • Fatal1ty_93_RUS

    This looks fishy, storing logins/passwords in an app? How do I know they are not collecting such data from users?

    • http://www.androidpolice.com/ Artem Russakovskii

      No different than LastPass, Roboform Everywhere, and other similar services that sync to the web. You have to trust that when they're saying the data is encrypted with your master password which they have no access to, that they're not lying.

  • atlouiedog

    I've been with lastpass for a long time on my browsers. If they added one-tap I'd move up to premium instantly. I'm going to try this one out now.

    • http://www.anivision.org/ Christopher Bailey (Xcom923)

      I use dolphin for that exact reason. I've been using one tap logins but I never thought about it for other apps. If Lastpass could do this I think things would be so much easier for me. I don't want to pay for 2 different password storage places though

  • M.J.

    Don't store your Gmail password in LP. It would really, really suck if LP has a security breach and you can't even get into your email. Two factor may solve that but I don't think many people are using it, unfortunately.

    • atlouiedog

      I agree with this advice. There are a handful of passwords that I do not store in my password manager like my Google account and sites that have to do with my finances.

      • Guest

        You have obviously chosen to ignore the 3 comments above yours.

        • atlouiedog

          You obviously don't know how timestamps work.

          It's not just about the service's security, but my own. If someone stole my laptop in sleep mode and cracked the windows password (not hard) they'd have access to my password manager. I don't care if they sign into disqus and comment, but they'd probably go straight for my email and bank accounts.

    • http://www.anivision.org/ Christopher Bailey (Xcom923)

      the likely hood of LP being breached is low. You should read up on how secure they are. I know nothing is unhackable but if you really think about it breaches aren't really the main way people get passwords it's social engineering that you really have to worry about

    • Nathan Borup

      LastPass has security breaches covered. From their website "Sensitive data is only encrypted and decrypted locally(on your device), with a key that is never shared with LastPass" Therefore the security breach would only result in a bunch of hashes with no key to decrypt them with

      • Paul Klinger

        It's not quite that simple, if their google developer account gets taken over someone could push a malicious update that sends the master password to an attacker.

  • saimin

    I use KeePassDroid as my password manager. It is compatible with KeePass for PCs. The Android app has no network permissions, so I know they are not stealing my passwords and there is no central network database for hackers to attack. You have to sync your personal password database manually with your PC, but I consider that to be a security feature.

    • jp-

      Keepass2Android is an excellent Android client as well. It does syncing via Dropbox (and webdav, maybe others, not sure) if you want, features a "quick unlock" of your database (if you activate that feature, you only need to enter the full password the first time, following that it's only the last 3 characters). It also comes with a Keyboard feature for those pesky apps that don't allow copy/paste (looking at you, amazon appstore) and looks nicer than KeePassDroid. And it's free. And Open Source, so the Internet permission shouldn't be problematic.

      • Anonymous

        Also, you can use BitTorrent Sync to make sure your password store is up to date on both your phone and PC, without needing to transfer anything back and forth manually, without having to even be on the same network (just requiring Internet access of course), and conduct the transfer in true P2P, encrypted fashion. All the benefits of storing everything in the cloud, with no cloud.

        • IhaveAbrain

          Who is this moron that is trying to get people to sync their passwords over a p2p network. You have to be the dumbest person ever to do that.

          • xnadax

            First of all, your password data is encrypted before you share it, and secondly, traffic over BitTorrent Sync (not regular BitTorrent) is also encrypted.

  • c00ller

    LastPass has some catching up to do!

    • Ryan

      I'm a lastpass premium member, and I have a HIMYM-level crapload of passwords stored. luckily a friend of one of the android engineers for passwordbox follows me on g+ and pinged him. now I know there is an easy way to import everything from lastpass.

      https://plus.google.com/u/0/+RyanYakus/posts/3QFcZfuiPZX

      • xnadax

        "This post could not be found."

        • xnadax

          I don't know why Ryans post got flagged, but because of that I can't reply to it. Anyway, thanks for the link to the startpage-free version. That was driving me insane! (You could just disable the startpage, but it still stole focus from the address bar whenever you opened a new tab).

    • xnadax

      PasswordBox has some catching up to do, too, it seems. I've been trying it out for a while, and there are many pages where it doesn't recognize me signing in, and therefore doesn't save my password. All of these sites work fine with LastPass. I also find the UI pretty slow, and that's with only a handful of sites saved. I wonder what would happen if I import all ~400 sites I've saved with LastPass (that's a lot of accounts...).

  • duse

    I love LastPass and have used it for many years. The bookmarklets on Android work so well that I don't even care about not having a native Chrome extension there anymore. Their recent UI redesign is also very good. Pasting passwords into apps is pretty much the only clunky thing right now, requiring either manual copy and paste, using the password notifications, or the LP keyboard. Something like this where it pops up right there seems like a good idea. I like these types of novel things like drawing over other apps that Android lets you do.

  • Anonymous

    KeePass is far superior. Your passwords are not stored in the cloud, and if you use BitTorrent Sync, you can have the most up-to-date keystore always stored locally on your phone, safely and securely, over P2P. There is also a Chrome extension which can connect to KeePass's store as long as your database is currently unlocked, and can detect and fill in password forms (and you can select the fields yourself if it can't determine what they are). No passwords stored in your actual browser. And the cost? Free. Also, the Android app lets your copy your username and password to apps in a very simple way.

    $12/year for one-click (which I'll admit is somewhat nice) and the possibility of account compromise? No thanks. I'll take the free route, which is even more secure, ironically.

    • Deonix

      Password Box does not store passwords in the cloud... at least check the product info before complaining.... Go to their website.
      Glad i joined the password Box unlimited free for life early adopter registration process. I use it all the time.They also have a Firefox extension which i use. Great features, improving all the time.

    • IhaveAbrain

      Who is this moron that is trying to get people to sync their passwords over a p2p network. You have to be the dumbest person ever to do that. Regardless of whether or not they're encrypted- why would you ever trust a torrent app for that kind of sensitive data? Completely senseless.

      • austmeliamne

        BitTorrent Sync uses the bit torrent protocol to sync between your devices. It doesn't send your info to other users in a bit torrent swarm like when you download something from the pirate bay.

  • Anid Monsur

    It's not a password manager, but you guys should do an article on LaunchKey. https://launchkey.com/ They have such a cool idea with slick implementation too. Would be amazing if their concept went mainstream

  • Joseph

    I'm more of a msecure fan myself.

  • ChristianAhlin

    I just don't get it. If I have 2 step and PIN on my phone (and guard my session as a hawk): Chrome stores my passwords and I only have to login to apps once every two years when I buy a new phone. And the login with G+ is spreading further as we speak.
    I've tried last pass and keepass and just don't get the use case. Is chrome a big security liability?

    • Björn Lundén

      Browsers have historically stored your passwords either in plaintext, using some simple encoding or enrypted with a key that can be retrieved easily. That has at least been true for desktop browsers and anything that stores passwords that the application can retrieve without you entering a password or unlock key.

      Even if stored properly that only covers websites. Password managers lets you store passwords or other secret data for use with anything.

  • Marcel

    All of you LastPass Users ... you can import you passwords from LastPass to PasswordBox without breaking the limit of 25 passwords... basically you can import as many passwords as you want without paying! That's pretty cool from PasswordBox to do that :) https://blog.passwordbox.com/2013/05/24/new-password-importer-heres-how-it-works/

  • http://twitter.com/theadb theadb

    Dashlane FTW.

  • 9TEN11

    Lastpass now has the same 1 touch login feature.