2023 was a record-breaking year for cybersecurity in a bad way. Ransomware payments hit a record high of $1.1 billion, which is likely to…
BitWarden and/or Vaultwarden as a selfhosted alternative.
Vaultwarden is a great piece of self hosted server software, which meshes with Bitwarden software perfectly. And for people who can’t self host, IMO Bitwarden gives you more than enough bang for your buck with their own hosting plans.
It’s one of the few examples of software being open source and ethically making money regardless. (For comparison, Standard Notes has tried pretty hard to make sure non-paying users have an inferior experience even if they self-host literally everything.)
Standard notes is very unethical. They want you to pay for open source software even if you self host. Very scummy.
I was really disappointed about standard notes’ plans. Took me forever to get everything set up to self host, only to find I couldn’t even use markdown unless I bought a license? Silly.
Yeah, the value of buying a hosted service should be the fact you don’t have to worry about hosting it yourself. Not a tiny piece of Javascript that was grabbed from a third party developer anyway.
I can see what they’re trying to do, but the experience leaves a really bad taste in my mouth.
<$1/mo for bitwarden hosted premium is a no brainer for me
I’m excited that the bitwarden phone apps are getting a brand new native version for ios and Android soon.
the current version is not native?
No, it’s built on a Microsoft framework, that MS has decided to change recently. That’s why it’s sluggish and they can’t add features like passkeys to the current client apps.
Tried, and not a fan of. The organizing features are kind of not what I expected. Sticking to KeepassXC for now.
I actually thought the organization stuff is pretty good, coming from keepassxc myself. The way we have it set up is that each of the members of our family all have VW accounts, and we have a common organization shared among us for stuff we all use (e.g. home devices). It’s all in one installation, so it’s pretty convenient. I don’t think I can do the same as easily with keepass.
That being said, keepass is a really solid piece of software. I’d recommend it myself.
Bitwarden + aegis for everything possible.
Authelia or authentik for self hosted stuff.
pass.
Corporate Headquarters
Bitwarden, Inc. 1 North Calle Cesar Chavez Santa Barbara, CA 93103 Bitwarden, Inc. is the parent company of 8bit Solutions LLC
Something tells me they’ll enshittify too. It would make me uneasy storing all my passwords with a for profit corp, on their servers.
They’ve already open-sourced all the best parts, and there are independent OSS projects based on that. If BE fucks with their user base, they’d be messing with their livelihood.
Is Keepass there? Good. Upvote.
Prefer KeepassXC but let’s be honest, the best password manager is the one you actually use and keep using.
And that doesn’t get hacked!
Prefer KeepassXC
Why? Keepass has lots of plugins and XC doesn’t, right?
I like KeePassXC because it’s written in C and is thus cross platform, while KeePass is written in C# and relies on Windows UI libraries. You can run KeePass on Linux (and I did without usability issue for years) but it will look god awful.
I won’t knock plugins, everyone has weird use cases, but I don’t know what people need KeePass to do that it doesn’t already do out of the box. I’ve certainly never felt the need for any.
I would only use KeepassXC
Still using KeepassXC on desktop and laptop and KeePassDX on mobile.
This is exactly my setup. How did you know? LOL.
File synchronized with Syncthing? :)
+1 For KeepassXC, I use it in combination with syncthing to have my passwords available on all devices.
Nextcloud syncs my KeepassXC safe.
Been using that same setup and very happy with it.
Same for me
I’ve been using Proton Pass since it launched and I think it’s really really good.
Positives:
- Nice integration with both desktop and mobile
- Integrated in the proton suite, which I was already using
- Allows you to generate an email alias for each login automatically. Websites will never have your real email and you can easily generate a new alias if one has been compromised
- Supports 2 factor authentication via TOTP, works really well
Negatives:
- No passkey support yet
- Free version only supports like 5 email aliases
My favorites:
- Proton Pass
  - Pros: Aliases, Proton integration
  - Cons: No passkeys (yet), native desktop apps in beta
- 1Password
  - Pros: SSH agent integration!
  - Cons: Least open
- Bitwarden
  - Pros: Most open, self hosting option
  - Cons: least polished user experience
1Password supports passkeys btw. With aliases via Fastmail.
Proton Pass Pros: Aliases,
1Password technically does have aliases too but it requires a fastmail.com subscription. I use it and it works quite well though.
- Proton Pass
Vaultwarden
I use keepass with my database on onedrive.
Then I connect every device to said onedrive account, copy the private key manually on each device that I need to use.
I secure my database with said private key + a passphrase.
Might not be the best setup, but I feel like with passphrase+key I am secure enough to have the db file in the cloud.
you could encrypt onedrive with cryptomator
KeePass for me. I keep my encrypted vault in my 2 factor encrypted gdrive. Get the best of both worlds. No traditional cloud that’s a target for hackers and I have passes I can share across devices.
No love for Nextcloud Passwords or Passman? Both have plugins for Nextcloud and have Android Apps.
No love for Nextcloud
Pretty much in general for me now. I gave it an honest go for six years but there were at least four instances where a server upgrade required nontrivial intervention to bring it back.
Syncthing + Keepass[DX] has been solid for me.
Which one was that, Passman or Nextcloud? I’ve run two instances of Nextcloud Password and one of Passman, for about the same time, with no issues.
Other people do seem to have issues running Nextcloud in general, but I’ve never had anything but PHP version stuff that is easier fixed. I love Nextcloud!
Yes! Been using it for a long time now! Never had any (major) issues!
Snap! 😃
Pass (Password Store)
If you are into the command line, pass is also neat. You can even have your keys in a git repo and access it with a FOSS Android app (requires some dedication to set it up). It’s very useful to feed passwords to scripts without hardcoding them in the source.
I use Bitwarden for passwords. Just works so well.
KeepassXC and KeePassium for TOTP codes. I keep the database in the cloud but sync a key with Syncthing that’s needed to unlock the database on the devices themselves.
Locally hosted bitwarden (vault warden) that is only accessible on your local network is the way to go. When a new sync is needed away from home, wireguard VPN to connect back in makes everything nice and secure. Otherwise most of the time the vault is cached to the device locally so you don’t need to phone home to access passwords.
I love Dashlane, someone tell me why it’s bad.
I know they recently published the code for their clients, so that’s a plus. But I can’t find any independent audits for their architecture or clients.
While all mentioned options do have independent audits done.
Also more expensive than Bitwarden for example, should u want to pay for premium.
Microsoft Excel file
OneNote page
Post-it notes on the monitor.
😱
That’s terrible practice
Yeah they should be using Office 365 or Google drive.
How about a password manager
Technically Excel and 365 and Google sheets can be a password manager.
My point is it shouldn’t be used as a password manager