What is a really smart choice for password manager apps? Concerned about privacy and politically involved CEOs.
I’ve used:
- LastPass
- 1Password
- ProtonPass (Now using)
I thought ProtonPass was a good choice but I’m starting to read more about it. What’s just a really solid choice all around, that you can feel good about? Free or paid.
I use Keepass but I recommended Bitwarden to less nerdy family members as it syncs out of the box & does what they need it to do. Sync is simple enough to set up with Keepass & the big plus for me is that it allows storage of files/documents. Last time I checked this was a limited/paid feature on Bitwarden
Bitwarden
I use and like Bitwarden and afaik you can self host a fork(?) too
You can self-host Bitwarden, too. My understanding is that VaultWarden is much simpler to self-host, though. Note that VaultWarden isn’t a “fork”; it’s a compatible rewrite in Rust (Bitwarden’s codebase, by contrast, is primarily C#).
I also use Bitwarden and strongly prefer it over every other password manager I’ve tried or investigated, for what that’s worth. I’d recommend it to 99% of non-enterprise users (it’s probably great for enterprise use as well, TBF).
The only use case I wouldn’t recommend it for is when you don’t want your passwords stored in the cloud, in which case KeePass is the way to go. To be clear, that recommendation does not apply if you’re syncing your vault with a cloud storage provider - even one you’re hosting, like SyncThing - even if your vault is encrypted. At that point just use Bitwarden or VaultWarden, because they’re at least audited with your use case in mind (Vaultwarden has only been audited once afaik, though).
Can confirm it’s super easy to self host.
+1, definitely recommend VaultWarden and a VPN
+1
Bitwarden paid version also lets you set emergency access for others in the case of your death or inability to access
+1 for bitwarden
+1 for bitwarden as well
You can self host vaultwarden and use the bitwarden clients
I’m happy with Bitwarden, the iPhone app and windows software / Firefox extension all work seamlessly and easily
Been a Bitwarden user for several years now, both personal and deployed at multiple small businesses.
It has been fantastic the whole time. Pricing is great, open source, runs on basically everything, and easy to use.
KeypassXC if you’re uber-paranoid or a hardcore Stallmanite, otherwise, Bitwarden all day 100%
Also voting for bitwarden
I use bitwarden for unimportant ones and an offline one for important ones. specifically KeepassXC that was already mentioned.
KeepassXC + syncthing
Fully under your control
There’s a lot of good things here to think about. I asked, there’s a lot of experience out there, and I appreciate all of it. Great community, here!
Definitely Bitwarden
I’m a massive fan, and long time user, of bitwarden.
deleted by creator
Bitwarden.
If you want to keep it in a file you want to sync yourself: keepassKeepass + Syncthing is an undefeated combo
What’s up with protonpass? Any pointers?
Password manager from proton(protonmail/protonvpn guys)
Yeah, but why wouldn’t it be a good choice?
Oh idk that
That’s alright. Thanks though.
Bitwarden.
You know if you need more than that and if you’re asking on lemmy you don’t need more than that.
Vaultwarden. It’s FOSS Bitwarden. Host it on your own server/machine :)
I would recommend people not do that unless they know they need to and again, if you know you need to you’re not asking on lemmy.
Hosting your own secrets not only puts the burden of protecting, providing access to and preserving the secrets entirely on you, but puts a very unique set of hosting goals squarely on you as well.
Even a skilled administrator with significant resources at hand would often be better served by simply using bitwarden instead of hosting vaultwarden.
An example I used in another thread about password managers was a disaster. When your local server is inoperable or destroyed and general local network failure makes your cloud accessible backup unreachable, can you access your secrets safely from a public computer at the fire department, church or refugee center?
Bitwarden works well from public computers and there’s a whole guide for doing it as safely as possible on their website.
I use KeepassXC which is free and open-source. The passwords are stored as an encrypted file on your own system. No servers or businesses involved.
Personally I put mine in onedrive so it is synced between all of my devices though, so I guess there is still a server involved in that case
KeepassXC is great, but I realised very late in the process of setting it up, that the browser extension does not support Flatpak based browsers: “Please note that in general Flatpak and Snap based browsers are not supported, Ubuntu’s Firefox Snap being an exception.” (https://github.com/keepassxreboot/keepassxc-browser/wiki/Troubleshooting-guide)
I hope this might change at some point.
There’s a workaround, at least for Firefox
Where would one find that?
https://github.com/keepassxreboot/keepassxc-browser/issues/1631#issuecomment-2464608760
I think that was the method that worked for me
I think I ran into that exact issue myself when I tried out fedora silverblue. I believe there was a workaround but it was quite involved from what I remember…
KeePass on sandstorm
One virtual server hosts all my open source apps, including my pw manager. It’s insanely great.
Try the one click demo
https://apps.sandstorm.io/app/rq41p170hcs5rzg66axggv8r90fjcssdky8891kq5s7jcpm1813h
KeePass is really good. I use Keepass DX on my phone and use syncthing to sync them. Works amazing.
Samesies. KeePass works great for me as well, storing it on a server so it’s accessible for both phones (using KeePassXC), and desktop using the web app for keeweb.info (app.keeweb.info).
+1 for keepassxc + syncthing
Also generally recommebd syncthing as a replacement for cloud storage for you phone pics and music and stuff.
noted, ty
Samesies!
One very important word of caution (unfortunately coming from experience): Syncthing, as the name suggests, makes it so the content of one device is the same as that of another device. So, even if you have one device set to only receive data, it means that if you delete a file from the sending device, the receiving device will also delete that file to stay in sync with the sending device.
There is a way to use Syncthing as a simple backup storage program (not necessarily the best solution but much better than manually backing up your files every few months and just hoping for the best). But it means that you have to use the advanced folder option “ignoreDelete”. I also use the file versioning system, so even if something is automatically deleted by mistake, it’s still versioned in a special subfolder and accessible to me.
Yeah i basically view it like a network drive in its default configuration. As if you were carrying around a USB drive.
No one has mentioned pwsafe, which was originally created by Bruce Schneier and is still maintained.
