2023 was a record-breaking year for cybersecurity in a bad way. Ransomware payments hit a record high of $1.1 billion, which is likely to…

      • LWD@lemm.ee · ↑14 · 8 months ago

        Vaultwarden is a great piece of self hosted server software, which meshes with Bitwarden software perfectly. And for people who can’t self host, IMO Bitwarden gives you more than enough bang for your buck with their own hosting plans.

        It’s one of the few examples of software being open source and ethically making money regardless. (For comparison, Standard Notes has tried pretty hard to make sure non-paying users have an inferior experience even if they self-host literally everything.)

      • umami_wasabi@lemmy.ml · ↑3 ↓1 · edited · 8 months ago

        Tried, and not a fan of it. The organizing features are kind of not what I expected. Sticking to KeepassXC for now.

        • SEND_NOODLES_PLS@lemmy.world · ↑4 · 8 months ago

          I actually thought the organization stuff is pretty good, coming from keepassxc myself. The way we have it set up is that each of the members of our family all have VW accounts, and we have a common organization shared among us for stuff we all use (e.g. home devices). It’s all in one installation, so it’s pretty convenient. I don’t think I can do the same as easily with keepass.

          That being said, keepass is a really solid piece of software. I’d recommend it myself.

          • umami_wasabi@lemmy.ml · ↑1 ↓2 · edited · 8 months ago

            First is the organizing feature. It doesn’t let me have subfolders, which I need to categorize items.

            Second is the TAN management to store my MFA backup codes. A feature the original Keepass has but KeepassXC doesn’t. You can use notes to mimic it, but it doesn’t auto-expire after use, i.e. more manual work.

  • zifk@sh.itjust.works · ↑46 · 8 months ago

    +1 For KeepassXC, I use it in combination with syncthing to have my passwords available on all devices.

  • ebits21@lemmy.ca · ↑27 · edited · 8 months ago

    I use Bitwarden for passwords. Just works so well.

    KeepassXC and KeePassium for TOTP codes. I keep the database in the cloud but sync a key with Syncthing that’s needed to unlock the database on the devices themselves.

    • Lem453@lemmy.ca · ↑5 ↓1 · edited · 8 months ago

      Locally hosted Bitwarden (Vaultwarden) that is only accessible on your local network is the way to go. When a new sync is needed away from home, WireGuard VPN to connect back in makes everything nice and secure. Otherwise most of the time the vault is cached to the device locally so you don’t need to phone home to access passwords.

        • ebits21@lemmy.ca · ↑1 · 8 months ago

          Yep, I think keeping TOTP codes in the same place as passwords defeats their purpose (no longer a second factor).

          Less convenient but more secure.

    • akilou@sh.itjust.works · ↑3 · 8 months ago

      And they are really moving quickly with development. I feel like we’re getting new features monthly.

          • milicent_bystandr@lemm.ee · ↑3 · 8 months ago

            And it hides file names and sizes by splitting things up, which puts one extra layer of difficulty for someone trying to find my passwords file to target. I have a much stronger password on the syncthing directory than my normal type-each-time password to open keepassxc.

    • milicent_bystandr@lemm.ee · ↑5 · 8 months ago

      And I do KeePassDX on Android, with a (phone-specific) database synced with Syncthing.

      P.S. Syncthing is fantastic: I hope more people consider hosting discovery servers and especially relays.

  • guillem@aussie.zone · ↑8 · 8 months ago

    If you are into the command line, pass is also neat. You can even have your keys in a git repo and access it with a FOSS Android app (requires some dedication to set it up). It’s very useful to feed passwords to scripts without hardcoding them in the source.

    • sudneo@lemmy.world · ↑12 · 8 months ago

      I guess a bunch of things, as they are specialized apps:

      • proper auth. I think with Firefox you can have a password, but a password manager will have multiple options for 2FA including security keys, and on phone fingerprint unlock etc. In general, password managers are more resistant to malicious users gaining access to your device.
      • store all kinds of stuff. Not everything happens in the browser, and it’s just convenient to have an app just for credentials. Many password managers allow you to store and autofill credit cards too, for example.
      • on the fly generation of aliases. Password managers have external integrations. For example Proton and Bitwarden can integrate with simplelogin.io to generate email aliases when you choose to generate a new username.
      • org-like features. Password managers can also be convenient for sharing with family (for example). I do manage a Bitwarden organization used by all my immediate family, which means I can share credentials easily with any of them. Besides the sharing I can also ensure my (not tech-savvy) mom won’t lock herself out (emergency breakglass access configurable) and technically enforce policies on password strength etc.
      • as banal as it is, self-managing. I like to run my own services and running my own password manager with my own backups gives me peace of mind.
      • another perhaps obvious point. More compatibility? I can use my password manager on whatever device, whatever browser. For some, it might not change anything, but it’s a convenient feature.

      As a personal addition, I would say that I simply want the cornerstone of my online security to be a product from a company that is specialized in doing that. I have no idea how much effort goes into the password manager from Mozilla, for example.

    • Nath@aussie.zone · ↑5 · 8 months ago

      I need to enter passwords in lots of places that aren’t a browser.

      If Firefox’s password keeper meets your needs, then I would endorse using that, for sure.

    • DangerousInternet@lemmy.world · ↑1 · 8 months ago

      Some advanced features and convenience if you use different browsers. If Firefox auto-fill works for you, then you probably do not need any of those features.

    • BrikoX@lemmy.zip (OP) · ↑10 · 8 months ago

      I know they recently published the code for their clients, so that’s a plus. But I can’t find any independent audits for their architecture or clients.

      While all mentioned options do have independent audits done.

    • Lunch@lemmy.world · ↑2 · 8 months ago

      Also more expensive than Bitwarden for example, should you want to pay for premium.