I investigated every password manager in this thread and none of them have the features I want:
1. Android and Windows desktop version.
2. Android and Windows sync automatically with no user interaction.
3. Sync copies only changed passwords, not the whole password file.
4. No yearly subscription cost
Feature 3 is important because I don't have regular data access with my phone. I pay $1.50 for a day of access occasionally (T-Mobile pre-paid), but otherwise it usually only has internet access when it's at home connected to wifi. Therefore it's likely I'll make changes to the password database and when I come home I may change the desktop database before a sync occurs, meaning neither database file can be copied over the other without losing something.
I suppose I could go with one of the dropbox sync options and hope dropbox does a sync when I get a data connection before I make changes to the other database, but it sounds unreliable.
Here's my brief notes about each password manager in case it's useful to anyone:
o OI Safe
- Android only - no desktop.
- Been using this for a couple years and it's fairly good. Some bugs have lingered for well over a year with no fix, like about 15% of the time when I type the correct password it returns to the password screen as if I hadn't done anything (if I type the wrong password it shakes and says wrong password). Also, every once in a long time it keeps passwords open forever instead of timing out and locking them.
- I saw a post somewhere that I can't find again that said the version of AES used is a fast but low security version that could be broken with some brute force effort.
o Keepass
Features - KeePass
- Old and popular open source desktop app. Android has support only for writing to 1.x DBs but 2.x has been around for awhile.
- Sync using dropbox:
How to Use Dropbox as the Ultimate Password Syncer
- Sync overwrites entire DB so if you make changes to different passwords in two places, changes in one database will be lost.
- Plugins for 2.x Desktop database are able to sync on a per-password basis but there is no Android sync yet.
o SplashID
- $10 Android, $20 desktop. Syncs, but only by logging in to both clients and clicking sync.
- Lots of user complaints about slow bug fixes, slow performance. One bad bug is if you log in, kill the app, then next time you open the DB it needs no password to see.
o B-Folders
- Free android, $29.95 Desktop. Syncs, but only by logging in to one client and clicking sync.
- Tested and android has good performance.
- Support responded saying auto sync is on their list of features to add but "not at the top". He also said they're working on a mysterious and exciting new sync feature but did not give details. Since they plan to add auto sync some day I may go with this solution for now.
o mSecure
- $5 android, $15 Desktop.
- Syncs, but only by logging in on Android and clicking sync (if I'm reading the user guide correctly).
- Sync requires installing Apple's Bonjour on Windows which I don't like having to do.
- There was a comment on the android app store that it put passwords in an XML file that showed the password when viewed with an external editor. This may just be someone who exported their passwords and got confused, but is worth investigating.
o SecForms
- Syncs, but only by logging in to both clients and clicking sync.
- Free android, free PC unless you want to sync, which costs $20.
o Lastpass
https://lastpass.com/
- $1/mo to sync to their servers
o Keeper
https://www.callpod.com/products/keeper
- The auto sync will initiate on login and when a record is deleted, edited, or saved which might be an okay solution if it syncs individual records.
- Syncs via wifi on local network or to their servers.
- $30/yr! Apparently there was a non-subscription version as recently as Sept 2010 so I asked if I could continue to use wifi sync after 1 year but they said no. Someone on the forums said even if you purchased it before Sept your wifi sync is going to stop working after a year - that seems dishonest.
- A user claims it doesn’t properly sync delete operations…
o Secrets
secrets-for-android - Project Hosting on Google Code
- No desktop version, but free and open source.
- Can keep 10 backups on sd card that could be synced using dropbox.
o RoboForm
- Has android and desktop.
- Somehow syncs using their online server but costs $10 for first year, $20 additional years.
o TinyPassword
Tiny Couch - Tiny Password - Password Management for Android OS
- Pretty cool but no desktop app.
o eWallet
eWallet Viewer for Android - Password Manager and Digital Wallet
- Can only be edited on PC. Android app can only view.
o Moxier Wallet
Moxier Wallet | Secure Password Manager | FAQ
- May support auto sync but requires $20/yr subscription.
o Wallet for Android
http://timothyjc.blogspot.com/2010/12/wallet-for-android.html
- Android-only app, no desktop
- Built in option to sync to Dropbox
o 1Password
Welcome to Agile Web Solutions
- Supposedly there’s an android version now but it isn’t listed on their site.
- Syncs only entire DB via Dropbox
o Ascendo Datavault
- They're working on an android version but have no public beta yet.
- Asked about auto sync, no response so far
o SafeWallet
SBSH Software for iPhone, iPod Touch, BlackBerry, Windows Phone, Smartphone and Symbian S60
- Supports sync, but not automatic.
o Facile Password Manager
- Android only
o Universal Password Manager
- Open source creation of some guy. You can have the PC or Android version place a copy of the DB on a web server you’ve configured and it will download an updated copy from there each time you make a change and upload after each change. This might be an okay solution except if I make changes with no data connection (if it even lets me), then I run the risk of making other changes on the desktop before I remember to sync Android and one or the other will lose modifications I made.
- The android UI is very basic. Pressing back button after editing a password discards edits with no warning.
- No import option in Android – not sure about PC.