I don't know about the others, but KeePass doesn't have a "record" mode. It is basically just an encrypted database file... you need to create new entries (bank, school, Amazon, email, etc) and you enter the URL for the login page, the username, the password, and any relevant notes (like security questions). Its best to store https secure URL's if they are available.
Inside the database, you can create categories/folder to help with management... like Banking, Shopping, Websites, etc. Or, if you prefer, you can keep a number of totally separate databases.... which will require a totally separate password to unlock each database too. I wouldn't personally make too many because of the difficulty in remember really strong passwords that you should use as a Master Password... but I can easily imagine a separate database for "Work" versus "Personal" for some users.
Once you create some entries, the operation is simple: Click on an entry you wish to log in to, hit CNTL-U (for URL) and KeePass will open your default web browser and take you to the site. If the browser is already open, KeePass will open a new tab instead. Then there are 2 ways to use KeePass to enter your login info... 1) drag and drop the ******* info from the KeePass window into the page you want to log into.... or 2) Click the KeePass entry to be sure it is highlighted, hit CNTL-B to capture the username, then click into the web page username box and hit CNTL-V to paste. Go back to KeePass and this time use CNTL-C to capture the password, then click into the web page password box and again hit CNTL-V to paste. There is a security timer built in to KeePass so you have to do these copy/paste operations without a long delay.
There is another feature called "auto type" but I do not use it. There is some risk associated with it from keyloggers.
KeePass (and I'm sure the other products too) has a password generator to help you create difficult strong passwords. You can specify how many characters, upper/lower case, numbers, special characters... even high ANSI characters (which I would probably not recommend in most cases). As you build your database and find you are using passwords that are too short, or insecure.... you can use this generator tool to help you change to better passwords. You'll have to watch the sites you log into, and you'll find that some may only allow 8 characters, and some have other restrictions that you must comply with. The password generator helps you to set those criteria first so that you generate a usable password.
DO NOT LOSE YOUR MASTER PASSWORD TO OPEN THE DATABASE. Other products may have some kind of "password recovery".... but KeePass does not. (I really wouldn't want a company to store my master password anyway!) You should use a strong master password, but if you forget it, there is no way for you to get anything out of the database. You should also make more than one backup of your database.... long story, but I corrupted my working copy and my backup when I first started using it, so I had to rebuild the entire database again from scratch. Not fun. Final comment... KeePass will also let you export your information to a CSV file that you can open with Libre Calc or some other spreadsheet program.... this is handy to clean up a little and print a hard copy of the usernames and passwords.... but of course it should be kept in a very secure location! But a hard print copy is a final backup for you also.
I have recently stumbled upon Avendesora and am quite impressed. It is a linux only command line application, which I happened to be looking for, but if you can live with those constraints it is otherwise quite powerful and efficient. I have been using it for several months now and am completely sold on it. It has most of the standard features, plus some really useful uncommon features. For example, you can use a single keystroke to sign into your accounts in your browser, but you can do the same with most applications, including your shell. It can also open your account in your browser from the command line, and it checks the URL to make sure you are not being phished. However, one of the nicest features is that you can have any number of secrets associated with an account. My brokerage gives me the opportunity of having different passwords for different actions (accessing website, changing settings, trading, extracting funds, etc.). It seemed like a nice security feature, but it was a nightmare until I started using Avendesora.
Support for one-time passwords has just recently been added, so it can now replace Google Authenticator or Authy, and often with a single keystroke.
Yeah, paranoia runs deep here also. I keep my passwords in a spread sheet, on a computer which NEVER is network connected. It also has the drive in a caddie, which gets locked up when I leave the house. I have a printout, but it also stays in the safe. You just cannot be too careful nowadays. As far as using the cloud, no way! I don't want my data "out there" in cyberspace. Judging from the adds that I receive, the dataminers know too much about me already. If anyone breaches the cloud, the aromatic brown substance will really hit the rotating airfoil!
Yeah, me too. I am too impatient keep my passwords in cold storage, but I won't put them in any proprietary software, especially if there is a cloud component. I also won't put them on my phone. I need an open source operating system and an open source password manager. I spent some time looking at the Avendesora code, it seems pretty simple and clean. There are no unpleasant surprises there. And it is all based on GPG. All in all, a nice combination of security and convenience.
So Wiz, that means that is SHOULD be getting warmer here, and yet my wife still complaining that it is too damn cold. WTH? Welcome to @Autumn, and @fodil boualem. Nice to have you join our merry band of misfits. Feel free to add your wisdom to the mix at any time.
BTW, Wiz, I was referring to the snail mail ads. They seem to be determined to fill my recycle bin, and return to sender just does not work because the post office will just bring them back again. I don't understand how that works. So I just sanitize them first, and shred any address info that I have removed. Call me paranoid if you wish, but ......
I was just listening to an interview of a Syrian war correspondent on public radio here in the US and the interviewer (Terry Gross) asked about how she protected her notes ...
GROSS: How did you protect your notes? Because I'm sure you wanted to protect the confidence of people who were talking to you and not give anything away.
ABOUZEID: That is my - of paramount concern - that protecting my sources is utmost in my mind all the time. Well, first of all, frankly, I don't think anybody can read my handwriting.
They laughed, but I was stunned. She then described how she tries to hide them and use little tricks like @wizardfromoz to prevent people from using them if they were found.
And I am thinking, "Wow, her need to conceal her notes is life and death, and my linux.org password is way more secure than her notes."
It really seems like every journalist should be using Linux and GPG. It almost seems like a moral obligation. I wonder if there should be a special distribution just for journalists.
I use Lastpass. There are one time passwords that you can generate that only work for one login and there are some multifactor features available as well. It may not be perfect, but it is definitely better than trying to keep passwords in a ratty old notebook (my previous method).