I personally use passwordstore.org with a git repo on a personal VPS. But I wanted to set up a password manager for my boomer parents and it looks like Bitwarden is one of the better options out there.
The problem is that the free tier sounds a bit too good to be true so I am worried that it might just disappear or discontinue one day. Any idea if this fear is unfounded or not?
If you have been using Bitwarden please share your experience with it. Would like to hear.
I use KeePass on all my devices. I locally sync the DB with Syncthing. But I had a look at pass and it is really cool tho.
Same setup for me, KeePass database synced with Syncthing and of course backed up to a few locations. It’s great because there’s a lot of great apps for it. I use KeePassXC on my computer and KeePassDX on my phone.
Either way, just self-host it if you’re gonna use it (if you’re able)
Same here. This requires no server, and is fully e2ee.
Just make sure you back it up vigilantly to a secure location. Especially if you’re like me and occasionally need to wipe your computer/phone due to screwing up while tinkering with the OS. Especially especially if you use auto-generated random passwords that you yourself have no hope of memorizing, as recommended by security experts. In any case, your passwords database is one thing you really don’t want to try to restore from backup and realize it’s many months out of date.
https://keepassxc.org/ + https://github.com/keepassxreboot/keepassxc-browser#download-and-use could be a good option.
Bitwarden server side is partially proprietary. Officially, they only support Microsoft SQL Server.
There is also a third-party server-side implementation that you could run on your VPS and can be connected AFAIK to the browser extension.
I may set this up. Thanks.
I would go for https://keepass.info/ . IMHO the best open-source password manager out there. Because of its proprietary parts I wouldn’t trust Bitwarden.
What proprietary parts?
not easy to use.
There’s AuthPass that is using the KeePass database format and is IMO more user-friendly and approachable to a newcomer.
The great thing about keepass databases is that you’ll have plenty of options on all platforms for a password manager and you can use a different one on all devices or even two programs on one device if you want to do that for whatever reason
I’ll look that up. thanks.
tbh I’ve yet to see a KeePass-based password manager that’s not clunky-feeling. Strongbox is probably the best one for that but that’s for the Apple ecosystem.
what’s the challenge? there are lots of ways to use keepass that aren’t immediately obvious.
if you fear they might shut down, you can self-host it yourself and get the functionality and control.
https://bitwarden.com/help/article/install-on-premise/#install-docker-and-docker-compose
I use Pass. It has a ton of extensions and clients, as well as being simple to use.
For BitWarden, I believe you can host it through your own server.
It’s great, and I pay for the subscription for the 1GB of secure storage to include sensitive attachments.
I also keep a backup in cold-storage just in case the service shuts down or has an outage. I’ll decide then if I want to switch back to a KeePass-based password manager (which worked well enough, using Syncthing to keep it synced across devices), or if I want to host my own Bitwarden-rs Vaultwarden (I didn’t know it changed name, TIL) instance.
I personally use Firefox as my password manager, sync’ed with my email account on all my devices. AFAIK everything is encrypted and should be safe, and it’s easy enough to use.
Oof, idk password managers in browsers…
There are also apps if you prefer: Lockwise for Android and iOS I believe, but plain Firefox works too. GNOME Web can also sync with it if you want. If it’s your main browser, you’ll probably have it open 99% of the time anyway.
Definitely recommended for the boomers. It’s relatively user friendly, will work/sync on all their devices without you having to think about it. And if it doesn’t work out in the future, there’s no lock in.
I’ve used it for years. I ran my own server at first, just to make sure it was possible and reasonable. It was nice, and fully featured (I used the third-party bitwarden_rs server, now called vaultwarden). But eventually I got tired of maintaining it and just switched to the free account bitwarden offers, reassured that I could load a backup to self-hosted again at any time if bitwarden’s servers ever go away, or get bought out by a disagreeable corporation, or whatever.
I really love Bitwarden. If they shut down, I have a backup
You can use the Vaultwarden project to host the server on your VPS and use Bitwarden client apps to connect to it.
I was hosting it myself for a while. The user experience is great. They have a really nice script for the server too.
However, the stuff I self host is meant to be low maintenance, and bitwarden wasn’t that. Expect frequent update requirements, otherwise functionality might break. It might be possible to automate the updates etc., I haven’t tried it.
In the end I figured that keepass is just as simple (nearly) and you can put the database on a cloud share so you can add passwords on any device and have them synced.
I immediately deleted my account after realising the free tier doesn’t allow bundling the TOTP with the password. Instead I use KeePassXC on my computer and KeePass2Android + Enpass on my phone.