Passwords vs passman

Hi. I’m just starting to use Nextcloud and deciding if I should use passwords or passman. I see passman is from the nextcloud developers while passwords is a third party app. I’m just wondering what the reasoning is behind creating passwords and why I would choose it over passman?
Thanks

Have used both. Passwords does not have End-to-End encryption, but is slightly easier to use.
Passman: high functionality++
Passwords: ease of use++

I base this not necessarily on hard facts but just my personal opinion.

I was wondering about the same (and about which audio app to use. One can’t handle large music databases and the other…? Both do not stream to android which means I can not listen to music from nextcloud on my phone).

One of the apps, I think passwords, supports keepass files. Keepass is really good for generating and storing passwords, usernames, urls, extra info. You can use it on multiple platforms.
In my opinion passwords is better because of that.
@darioce what do you mean it does not have end to end encryption? Can you enable it somewhere for passman? I’m having issues with encryption. I enabled encryption on the server side, but I can remove my usb with data and open everything on my pc…

It’s mostly a matter of personal opinion. Though if it’s true about the end to end encryption then I assume passman is saver to use.
I’m not using either of them, because I don’t feel comfortable storing sensitive information on a webserver like passwords. Same goes for files, since they are not encrypted. A good hack would expose everything.

There is a extensive (but probably slightly biased) feature comaprison between the two apps.

Passman was mostly developed by brantje and is currently maintained by newhinton. It is not an official Nextcloud app.
The development of Passman has slowed down significantly in the past years and without newhinton there would have been no release for Nextcloud 14 at all.

Passwords was developed last year as a drop-in replacement for the Passwords App for OwnCloud.
As @darioce already noticed its strength is the user friendly interface that is very similar to the standard ui you are used from Nextcloud.

Passman can encrypt passwords in the browser, while Passwords can only encrypt passwords on the server. Both ways will not keep an attacker with access to your server from stealing your passwords, but with Passman it is notably harder. Passwords has a ticket open to implement client side encryption, but it will still take some time. (I can tell because i’m the developer :wink: )

There are still some things that Passman can do that Passwords can’t. If the client side encryption offered by Passman is important for you, you can use the app. You can switch to Passwords at a later point without loosing your passwords. (If you get the export in Passman to work).

3 Likes

Thank you to everyone for the responses. I think at this point, the client side encryption is important to me. I also notice on the wiki comparison, that passwords extension doesn’t support autofill, while the passman extension does. This being the case, I’ll probably give passman a try first.

Just thought I’d reply back after giving both passman and passwords a try.

TLDR; I’m using passwords.

I was able to easily import my passwords from LastPass into both Passman and Passwords. After importing, I decided to see if I could then export and I found the Passman export feature would not work at all for me. Export on Passwords worked flawlessly. Given that alone, I knew I was not going to use Passman, so I started testing out Passwords.
I really like that Passwords shows for each entry if my passwords have been Pwnd. I thought not having client-side encryption would be a big deal; however, I remembered I don’t even use it for LastPass. I always enter my password and check the ‘don’t ask again’ checkbox, so my passwords aren’t encrypted on my computer anyway.
The Chrome extension is fine so far. While there isn’t autofill like LastPass, the extension does detect what webpage I’m on and automatically show me the entry when I click on the Passwords toolbar button. I can then click the entry and it will fill in the username and password entries for me.
I do think the extension could use some more love though. It seems pretty slow sometimes to show me the entry for the website I’m currently on. I’m assuming this could be improved with better caching.
All in all though, so far Passwords seems pretty good.
Thank you @mdw for your hard work on this project.
Regards,
John

So as the post i responded on and also was offtoppic, had been removed as well, this post is due for deletion…

Hi! I wanted to let you know that Passwords now has an Android client with modern look and feel that has client-side encryption, what brings encryption at any stage, if you use the Android client. Moreover, fully featured E2E will be available soon.

Personally I’d better prefer Passwords than Passman. I find it more integrated with Nextcloud and it has also quite good bunch of features like sharing, history of changes, strong password generator, automatic checks for breached passwords and strength… And from the development perspective it is attractive too. Code quality is excellent, it has an extense documented API and it is constantly being maintained.

2 Likes

I’ve been using the passwords android client and I really like it. Thank you for your work on it.
Any chance of it supporting the autofill service for android any time soon? It would be nice if passwords could detect what app I’m using and support directly filling in the fields.

Thanks @jalberts, glad you like it. I would also love to have the auto-fill service. And I even did some initial work on it. I hope that your “soon” be sooner than later.

1 Like