LastPass users are once again being warned about stolen personal data, though this time the breach happened through one of the company’s outside partners.
I’ve been a faithful BitWarden subscriber since almost he beginning, but read up on them. They’ve Been making some moves lately that point in a bad direction. Proceed with caution.
Currently, there’s no entrenchment, as the apps are open source and there are self-hostable servers. You can easily get your data out and even continue using the apps indefinitely (the whole database stays locally in the app, offline; you just loose sync unless you self host a server).
I say that because that is the minimum bar for any alternative. I use them and am not panicking yet, but if I was starting from scratch, I would be cautious about choosing them.
Bitwarden seems to be pretty clearly on the path of enshittification. They’ve been going towards closing off the self-hosted versions for a while, and moving their app out of repos that check licenses, with the likely aim of taking it closed source.
The usualy will surely follow.
Not sure how soon, but I definitely wouldn’t newly go to them at this point.
Convenient app UX, password sharing between users and in groups, and the ability for passwords to be updated on multiple devices simultaneously or while offline without collisions. It has a few other features that are probably rarely used, like secure send, that some people may use.
that would be a non-cloudbased non-easy solution. personally, that’s what i’m doing, but i don’t anticipate most computer users wanting to go through the effort when so many people are still running windows 10 rather than switching to linux
Funny thing I switched from bitwarden to keepassxc + synchthing just yesterday.
And my best friend got interested in doing that as well (mostly syncthing, so she can backup her photos and stop relying on the apple ecosystem). I also convinced her to switch to Linux a while ago.
There’s a lot of regular non-techy users that yearn for things like that. They just need some support.
Bitwarden’s the only “cloud-based” password manager I trust, since their entire stack is open-source.
For self-hosting, they recently released Bitwarden Lite, which is a lot simpler to host than their regular server. One Docker image and you can use SQLite for the database. Different design decisions compared to the regular server which is designed to scale up to handle businesses with tens or hundreds of thousands of employees.
There’s also Vaultwarden, which is an unofficial third-party server implementation.
Bitwarden
I’ve been a faithful BitWarden subscriber since almost he beginning, but read up on them. They’ve Been making some moves lately that point in a bad direction. Proceed with caution.
VC funding is the enemy. I’m beginning to think it matters as much as the libre/proprietary software distinction.
Any alternatives? Might jump ship before they fully enshitify and hope their users are too entrenched too leave
Currently, there’s no entrenchment, as the apps are open source and there are self-hostable servers. You can easily get your data out and even continue using the apps indefinitely (the whole database stays locally in the app, offline; you just loose sync unless you self host a server).
I say that because that is the minimum bar for any alternative. I use them and am not panicking yet, but if I was starting from scratch, I would be cautious about choosing them.
Use a vaultwarden instance. It’s bitwarden api compatible.
I think I may be too dumb for that…instance?..
https://vault.tchncs.de/ https://github.com/dani-garcia/vaultwarden
You can use the bitwarden app/extension with this. It’s basically a custom backend for bitwarden.
Bitwarden seems to be pretty clearly on the path of enshittification. They’ve been going towards closing off the self-hosted versions for a while, and moving their app out of repos that check licenses, with the likely aim of taking it closed source.
The usualy will surely follow.
Not sure how soon, but I definitely wouldn’t newly go to them at this point.
VaultWarden will probably become what people who care about these things turn to for a cloud-based easy sync solution
What’s the point over keepass with syncthing?
Convenient app UX, password sharing between users and in groups, and the ability for passwords to be updated on multiple devices simultaneously or while offline without collisions. It has a few other features that are probably rarely used, like secure send, that some people may use.
that would be a non-cloudbased non-easy solution. personally, that’s what i’m doing, but i don’t anticipate most computer users wanting to go through the effort when so many people are still running windows 10 rather than switching to linux
Funny thing I switched from bitwarden to keepassxc + synchthing just yesterday.
And my best friend got interested in doing that as well (mostly syncthing, so she can backup her photos and stop relying on the apple ecosystem). I also convinced her to switch to Linux a while ago.
There’s a lot of regular non-techy users that yearn for things like that. They just need some support.
Bitwarden’s the only “cloud-based” password manager I trust, since their entire stack is open-source.
For self-hosting, they recently released Bitwarden Lite, which is a lot simpler to host than their regular server. One Docker image and you can use SQLite for the database. Different design decisions compared to the regular server which is designed to scale up to handle businesses with tens or hundreds of thousands of employees.
There’s also Vaultwarden, which is an unofficial third-party server implementation.
and ProtonPass. they’re both great.
Proton’s server is closed source so I don’t trust it as much as Bitwarden.
understandable.
proton pass comes with a subscription to the drive, email, and everything else, so its very easy to use.