Thanks for all the comments. Currently I use KeepassXD/DX + Syncthing.
I hash my password with fingerprint on Android, keep a seperate database containing that one in another place for backup. Maybe thats stupid, but I cant type on a phone.
On Linux I use KWallet, store the Keepass password there, and have a shortcut fetching that password and inserting it into the Keepass wallet using KeepassXC. Works with one click too.
Problems
- all entries are either locked or unlocked
- to have autofill working, the app cant be killed (Android)
- also, all passwords need to be decrypted for it to work
I dont see that this is the best solution. Decrypted, maybe hashed metadata possible to detect autofill fields, and then selectively unlock the needed credentials, would be better.
Works like this for me:
Tap password field
Bitwarden pops up requesting fingerprint to unlock
Select the credentials you want to use
Autofill
Not quite sure what you mean by fully unlocked here. I don’t see the problem with all credentials being unlocked if you have to unlock on every access to the db.