this post was submitted on 27 Mar 2026
86 points (96.7% liked)
Technology
83098 readers
2779 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
20$/year is still cheap compared to other password managers, but yeah, the lack of transparency is worrying.
Keepass is free?
Thing is, a large percentage of internet-connected users might have two or more devices. The simplicity offered by a cloud (be it hosted or selfhosted) password manager is a huge benefit.
And unless you're already running a syncthing-like service for something else, setting it up just for a password manager when other services provide it out of the box, is not worth the hassle usually.
I run mine on a free dropbox account. its faster to set up than downloading keepass...
Everyone has some kind of cloud service tho no? The database is encrypted so you can even sync it over googles cloud storage if you dont have nextcloud or syncthing.
What? I think you dont understand at all how this works. The database of any password manager is an encrypted file. When you open your password manager and type in the master password it opens that file and decrypts its contents for you and only saves them to memory. It doesnt actually decrypt the file on the drive. When you close the application it doesnt need to be encrypted again. This is exatly the same for all password managers, the only difference is that with web based ones the database file sits on bitwardens server instead of on your harddrive. You are just changing the location of the database, nothing else. Keepass also automatically saves a backup version of the database to a location you can specify and even if you dont you still have better redundancy than with bitwarden because the file sits both in your cloud storage and on each of your devices.
so is bitwarden. i dont get your argument here. bitwarden does a lot more for free than keepass
IMO Keepass and Bitwarden aren't exactly the same, as the latter has cross-device sync built-in.
I use one for work and the other for personal. They are both great, with slightly different convenience/security tradeoffs imo. Big fan of both, don't know why it has to be one or the other for an OSS credentials manager
Edit: part of what you're paying for with BW is first-class native apps
I can't think of a reason to choose Keepass over Vaultwarden.
If you can't selfhost, then you can have your keepass file in your personal cloud. Many basic cloud services are free and the password file itself is encrypted so the cloud provider can't access your passwords.
I can’t think of a reason to choose Bit/Vaultwarden over Keepass.
The person you're replying to already gave you one: it's free.
Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people's login data stolen.. Twice.
Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.
My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.
Each have their pros and cons.
Every pro you listed is applicable to Vaultwarden as well. But I assume you misread it as Bitwarden.
Vaultwarden is open source: https://github.com/dani-garcia/vaultwarden
I think you misread. Lastweakness was talking about Vaultwarden which is a 100% FOSS reimplementation of bitwarden that you self host.
Vaultwarden, self-hosted is free as well. And since it's not using the Bitwarden infrastructure, you're only as exposed as your own network anyway.
But you can still use all the standard Bitwarden apps and extensions on any device, you just need to point it at your server. Easy to set up for friends and family as well. No need to try and teach them about VPNs, setting up syncthing, etc.
I can.
I realise now that I can think of one too. Which is that you don't need to host it anywhere if you use something like Syncthing.
I set up a simple sync service with FolderSync (similar to Syncthing) on Android for my family, that preserves their mobile files on a server hosted SMB share. You can't underestimate a simple yet effective solution, sometimes so simple it flies under the radar.
Also available offline, all the time in your hands.
Bitwarden works offline. Obviously can't save to the server, but reading from what's already on your local machine works just fine.
Isn't it easier then just to use a (keepass) file? Also we carry phones around where we need secrets, too etc.
I use keepassXC for work and I only use it on one machine at a time. I don't have any experience syncing it around to multiple devices, so you might have a better perspective than I do on that.
For personal use, I self host vaultwarden and use it on my desktop and Android phone. I'm able to use the bitwarden app just fine on my phone, even when I turn on airplane mode and am unable to sync.