Just wondered what people are using for their password management.
I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.
So is it worth the switch? Will I lose out on anything by doing so?
I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.
Just interested in your thoughts and trying to stimulate conversation!
keepass
Ive used both, Bitwarden feels more mature plus it’s open source. But 1Password is probably more user friendly for less tech savvy people.
Thanks. I’m tech savvy so that’s not a problem. Just always used 1Password based on recommendations. More than happy to go open source, and 1Password 8 feels like a step backwards from 1Password 7.
Just out of curiosity, why exactly is it a step back? I’ve heard this comment several times but, having only used 1Password 8 (which I quite like), I have nothing to compare it to.
Because it’s now an Electron app on macOS and — in my personal view — Electron apps suck. Much prefer native apps.
Functionality-wise it’s the same, but just doesn’t feel as nice to use, if that makes sense.
What’s the problem with Electron apps?
I’ve never understood those problems. I’m not saying they don’t exist, I haven’t investigated it or anything lol, but I don’t see why individual non-electron programs have less overhead than individual electron programs when the argument is that multiple would-be electron apps could share one browser instance because multiple non-electron apps also don’t share anything.
Also I don’t see how not using a chromium base would make programs better about having massive 1 GB directories of various temp files.
What am I missing? Because clearly those problems exist.
I can’t say I fully understand the ins and outs of it because, like you, I’ve never looked into it in any great detail.
I’ve used VS Code for a while and I remember seeing a post on Reddit about how good it is “for an Electron app”, which raised my interest. I then saw more and more complaints about Electron apps, mainly around how they consume a lot of resource and ultimately crash peoples machines, resulting in data loss.
Don’t get me wrong, I see the benefits of Electron apps — they’re easy to deploy across multiple OSes which makes things a lot easier for developers. But I guess as a macOS user, I do love a native app for its look and feel and user experience. Not knocking that on all Electron apps, it’s just a preference.
Bitwarden’s desktop app is also electron, just a heads up
Good to know, thanks!
If it helps, I’ve been using Bitwarden since 2019 and never installed the desktop app. Can’t imagine what you’d need it for.
Fair enough, to each their own. I understand why electron apps might not be everyone’s cup of tea, but I think some really do work very well (VSCode is the standout).
Now you may have me there. Visual Studio Code is certainly an exception, I’d be willing to admit.
I agree that 1password 8 is a step backwards when they switched to electron from native app on Mac. I’m still sticking on 1password 7 because of that.
I feel the same. I therefore use Bitwarden myself(not selfhosted as I don’t trust myself to host important things quite yet), and control 1Password for the rest of the fam.
Bitwarden is very good, but if you are already comfortable with 1Password I don’t think it is worth the switch. A lot of people (myself included) just recently switched from LastPass to Bitwarden due to LPs issues and breaches. But 1Password is still very solid and highly recommended.
Does anyone know about SafeInCloud?
No I’ve never heard of it, but have just searched it and am having a read.
There’s no point switching if you are using either of these two, so I’d just keep 1Password.
I guess one is considerably cheaper than the other, so there’s that.
But yeah, other than that, no real reason to switch if there is parity on the functionality.
Barely for a family subscription that they are using, I think 1Password is worth the extra for the polish it has and their support. I suppose if you had a family of 6 then Bitwarden gets a lot more value back as I believe 1Password’s is only 5 members included and $1 for extra beyond that.
I was using Bitwarden for a few years, it is a great option. Once you’ve adjust your workflow over to it I doubt you’d miss 1pass
I recently switched to Proton Pass as I’ve moved over to their ecosystem, it’s it’ll pretty early days and it’s got it’s problems but I am finding it reliable so far
A password journal of course.
…or maybe I just like making y’all cringe a little.
My work uses 1 Password. It feels relatively safe. They claim that if you don’t have your master key they can’t restore your passwords. Can not ensure the validity of that claim.
Personally I use Bitwarden and KeePass for my passwords. They are both open source and audited by 3rd parties. I trust them.
I assume Bitwarden is the same in terms of the master password? Again, I can’t say for certain.
My wife almost lost her 1Password vault due to forgetting her master password. Thankfully we remembered it eventually.
KeePass is great. Has all the features I want and then some. Everything is stored locally, you can encrypt with password and private keys and it even has the ability to sync dabases on a on a home server. I use it on windows and android. Since 99% of the time I make password updates on my phone I’ll just sftp the database file to my server and then use it to sync with my windows machine next time I’m on it.
What’s the advantage of sftp over something like synching to automatically keep it updated on all your devices?
Well I own and manage the server for one thing, so it makes sense for me. Considering the sensitivity of this I try to keep as much of it as possible under my direct control. I only have three devices that I need all of my passwords on, and with KeePass you just click the drop-down and select the sync option when you need to update. I have an sftp client on my phone and will just upload the database whenever I need to. There is an auto syncing option on the client, but I don’t use it. It’s definitely not the most convenient option out there, but good security is rarely convenient.
I also use KeePass. Been using it for 2-3 years now. No complaints. Like you said, it has all the features I need and then some.
I was a big time LastPass user. Switched to Bitwarden when LastPass was bought by LogMeIn… what was that, 6 years ago?
It’s free, it gives me everything I need, and I can even self-host it, giving me ultimate peace of mind.
Bonus: Bitwarden has a LastPass migration tool (I’m sure they have it for others) - made the move a matter of minutes.
I self host a Bitwarden server fork called vaultwarden. It works with all the official Bitwarden apps and browser extensions and I am very happy with it. I never used 1password though so I cannot comment on any missing features.
I moved from 1Password to Bitwarden because I was struggling to pirate the former.
NGL, I think it is kinda stupid to use a hacked software as important as a password manager, same as with an antivirus, so for me the way to go has been to selfhost Bitwarden, haven’t looked back since that.
I’ve been using (and paying for) Bitwarden for a few years now. There are slicker solutions but it does the job for me and I don’t really see any need to change.
I recommend KeePass, used it for years, open source, not hosted, can use a key file for added security and works well with nextcloud, drive, Dropbox, etc
KeePass is the way. Keep all these newfangled web services away from my passwords. And there’s plenty of different open source projects available that all works with the KeePass format.
Keepass XC + syncthing. doesn’t have to touch the cloud at all. It’s what I do, though I have investigated Vaultwarden for work. But no real SSO / AD integration with it is potentially a deal-breaker. Though I get that it’s probably complicated to add.
deleted by creator
