Just wondered what people are using for their password management.
I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.
So is it worth the switch? Will I lose out on anything by doing so?
I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.
Just interested in your thoughts and trying to stimulate conversation!
Bitwarden is open source (https://github.com/bitwarden) and was audited by privacytools.io, so I’m in team bitwarden !
It is perfectly integrated with all my devices and browsers, and it’s free to use.
Jup bitwarden is pretty awesome! I use a self hosted vaultwarden. You can link it with the bitwarden browser extensions.
If to choose it will be Keepass 🙂
Same. I even self-host it now, no getting caught up in massive data breaches for me!
I feel way more comfortable with having this one file than relying on some cloud-someone-computer thing. And experience is smooth thanks to Syncthing.
FYI privacytools[.]io has long been commandeered by the BDFL who apparently accepts—how do i put this impartially?—financial incentives for supporting specific software.
Privacyguides.org is the version maintained by the original privacytools team that have been doing the lion’s share of the work since 2019
There’s a huge drama between privacytools and privacyguide, I’m not sure anyone here can tell what happened internally after reading both side of the story.
Yes privacy tools accept sponsoring but it should be transparent about it ? It was the case before, I’m not using the site anymore so idk if things have changed in a bad way I’m sorry I promoted it.
Been using Bitwarden for some time. Really like it.
Question for you since you mentioned how it’s integrated with all your devices. I currently do not use a PW manager (I know, shame on me). Let’s say I get bitwarden, do I need to go back and change every password on every website to the bitwarden-generated password?
It just seems like I’m “In too deep” in a way where it’ll be a pain in the ass to set up.
If you have stored your credentials in your browser, you can export them to Bitwarden. It’s fairly easy and will save you a lot of time.
The point of using Bitwarden (or any password manager) is that you have no idea what your password is. From a security pov you « should » update your credentials but no need to rush, one step a time 👍🏼
I started using bitwarden half a year ago and this is what I did. But once again moved, I Figured it worth nothing if I have weak and shared passwords across apps and sites. so eagrly I changed all the password on accounts that hold my financing details (bank, google, PayPal, etc…) and then lazily, every time I had to go to a site like lemmy for instance I changed it on the way
When I switched to bitwarden I updated my password to a more secure (bitwarden-generated) password each time I logged into a site and stored it on bitwarden. Painless. That’s how I got better passwords across the board and incrementally moved over to bitwarden.
Are you forced to? No. Should you anyway? Yes. I did what @else@lemmy.fmhy.ml said: just change them when you login. That way it doesn’t feel like a grand undertaking, and you still end up with extremely secure passwords that you don’t have to remember.
Also, i recommend generating your master password. If my senior mom staring down the barrel of alzheimers can remember a 12-digit string of random characters (after emptying out all the space wasted by a few dozen passwords), you can too
Y no one mention self hosted valutwarden
Odd seeing so many people prefer Bitwarden specifically for the polish and UI. Those are the reasons I chose 1Password. Both work! Both are actually pretty good solutions. But after using Bitwarden for quite a while for work, I set up 1Pass for my personal stuff. It’s just nicer and easier to manage, imo, even as a tech savvy user.
This is also my experience with Bitwarden and 1Password.
I used Bitwarden for a long time and even selfhosted it, but it just didn’t feel that polished, especially on the phone. Then I tried 1Password and everything just works seamlessly.
In the end, I think it’s just a matter of taste.
Same for me. Self hosted bitwarden, wanted to love it, didn’t love it.
Went to 1Pass family and we ain’t moving.
And this is why I love places like Lemmy. Balanced, different opinions 🙂
I personally have no issues with 1Password (except that v8 is Electron), but just tempted to try the alternatives given how strong a following Bitwarden appears to have.
Either way… it’s good to have options.
For sure. I set my father up on Bitwarden because he gets a lot more out of the free tier, and it’s hard enough to convince him he needs a password manager, let alone one that costs anything, lol.
Bitwarden.
I used to have 1PW, but their browser plugin just completely stopped working for me (and a lot of others).
Then I switched to BW. It has so much better UI, plugins and apps. Oh and it’s cheaper.
And if you want, you can host it yourself
Another vote for Bitwarden
I’ve used BitWarden for a few years now and I really like it. I’ve set it up on both my PC and phone browsers, and it does its job well. Never paid anything for it, the free tier is generous enough for casual users like me.
It being open source sold it for me.
Another vote for Bitwarden
Another vote for Bitwarden. I love it and recommend it to everyone.
I’m a HUGE 1Password fan–and have been for years. It is always the very first app I install on any device. Paid for every upgrade since v4 when I discovered it.
I was sceptical of the switch to Electron, but it’s just the front end. The backend is written in Rust and performance has been great. It’s not native, but that’s a current trend right now…
I was even sold on the subscription model, and now manage a family account for my wife and kids.
Keepass, Keepass2Android and Syncthing to share between devices.
I’ve been subscribed to 1Password for around 8 years now, and don’t intend to cancel it any time. It’s super convenient, updated frequently, and seems to be audited independently to ensure security too. Just recently they’ve added a few features that make my life as a developer with multiple machines so much easier. OTP on every logged in device too, so I don’t need to constantly migrate the horrible Authy setups, or whatever else people use
Yeah the ssh-agent was something I didn’t know I wanted until they added it. Now it’s so nice not having to generate new ssh keys and update all my severs and VMs every time I set up a new machine, and if/when I need to rotate keys, I only have to update one.
Bitwarden.
keepass
KeePass for me. I manage my own database, don’t rely on clouds and etc.
KeePass is great. Has all the features I want and then some. Everything is stored locally, you can encrypt with password and private keys and it even has the ability to sync dabases on a on a home server. I use it on windows and android. Since 99% of the time I make password updates on my phone I’ll just sftp the database file to my server and then use it to sync with my windows machine next time I’m on it.
I also use KeePass. Been using it for 2-3 years now. No complaints. Like you said, it has all the features I need and then some.
What’s the advantage of sftp over something like synching to automatically keep it updated on all your devices?
Well I own and manage the server for one thing, so it makes sense for me. Considering the sensitivity of this I try to keep as much of it as possible under my direct control. I only have three devices that I need all of my passwords on, and with KeePass you just click the drop-down and select the sync option when you need to update. I have an sftp client on my phone and will just upload the database whenever I need to. There is an auto syncing option on the client, but I don’t use it. It’s definitely not the most convenient option out there, but good security is rarely convenient.
Bitwarden anothe vote