this post was submitted on 15 May 2026
294 points (99.3% liked)

Technology

84662 readers
3777 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
294
Bitwarden New CEO has extensive M&A, Private equity experience, Removes Transparency from its Motto (www.fastcompany.com)
submitted 7 hours ago by iter_facio@lemmy.today to c/technology@lemmy.world
118 comments fedilink hide all child comments
 

I find this move concerning, and wish that the Founder had looked for a new CEO that shared his values rather than a Private Equity and Mergers Expert.

Furthermore, the change to the GRIT motto is worrying. Trust is useless without Transparency when it comes to code and security.

you are viewing a single comment's thread
view the rest of the comments
[–] one_old_coder@piefed.social 128 points 7 hours ago (2 children)

Is it that time when I say "oh shit!" and starts to look at alternatives? I've seen this scenario a hundred times already and I'm tired.

[–] Godort@lemmy.ca 29 points 6 hours ago (1 children)

I don't have the patience to switch to alternatives until they make a change that actually affects the usability of the tool.

This is absolutely a red flag though.

[–] Quacksalber@sh.itjust.works 19 points 6 hours ago (1 children)

Just FYI, you can export your Bitwarden database to plain text and import that with KeePassXC

[–] alakey@piefed.social 6 points 5 hours ago

All the attachments, though... man this is going to be such a pain :/

[–] YurkshireLad@lemmy.ca 37 points 7 hours ago (5 children)

Same question here. What are the best alternatives?

[–] zikzak025@lemmy.world 49 points 7 hours ago (1 children)

KeePassXC is the best FOSS option, but you'll need to figure out self hosting if you want to sync the database between devices.

[–] M1k3y@discuss.tchncs.de 19 points 6 hours ago (3 children)

As the database is encrypted in your device, you dont really need to self host. A keepass database in the Google cloud is not really problematic, although you should still choose a more private cloud provider.

[–] eager_eagle@lemmy.world 4 points 4 hours ago (1 children)

make sure to use post-quantum encryption algs

[–] victorz@lemmy.world 2 points 3 hours ago* (last edited 2 hours ago)

Which algs would that be? ed25519 okay? Is that even an encryption alg? I'm not too hot with encryption.

[–] meathappening@lemmy.ml 11 points 6 hours ago (1 children)

Syncthing is probably a simple fix.

[–] mnemonicmonkeys@sh.itjust.works 13 points 5 hours ago (1 children)

Assuming you have a degoogle'd phone. The syncthing-fork devs announced that they aren't going to certify for Google Play when that's made a requirement in a few months

[–] meathappening@lemmy.ml 7 points 4 hours ago (1 children)

Ugh, I forgot about this. Aren't you still going to be able to install apps from third-party marketplaces? I thought the plan was just that the phone was going to hassle you and require multiple hoops.

[–] scutiger@lemmy.world 2 points 4 hours ago

I think other apps will require ADB to install

[–] Quetzalcutlass@lemmy.world 1 points 5 hours ago

And you can use a keyfile separate from the database for even more security. If the database is backed up on Google Drive and the keyfile is saved on a USB or in a (non-Google) email somewhere for the rare times you add a new device, your passwords should be safe even from keyloggers or Google themselves.

[–] jtrek@startrek.website 8 points 5 hours ago

I use keepassxc. It does the job.

[–] IcedRaktajino@startrek.website 12 points 5 hours ago* (last edited 5 hours ago) (1 children)

I use Vaultwarden

[–] refract@lemmy.zip 7 points 3 hours ago* (last edited 3 hours ago) (1 children)

But you still use the official BW client apps, correct?

Unless you forego usage of the clients and access Vaultwarden through the browser (removing accessibility and convenience especially on mobile), it is not an e2e replacement solution.

Are there any alternative FOSS clients/apps that work with Vaultwarden?

Edit: I see further down that the official client is open source, and would get forked in the event of any fuckery. So I'm sticking with Vaultwarden + Official client app approach for now.

[–] IcedRaktajino@startrek.website 2 points 3 hours ago

I just use the webapp UI and don't bother with the clients/extensions. Easy enough to just log in, copy/paste from there.

But yeah, the official client (and probably browser extension as well) would probably be forked if/when needed.

[–] meathappening@lemmy.ml 10 points 6 hours ago (1 children)

Coincidentally, I moved to self-hosting Vaultwarden last night, which is open source but compatible with Bitwarden. If you want a simple transition and are capable of hosting it yourself, that would be my recommendation.

[–] ITGuyLevi@programming.dev 5 points 4 hours ago

I've been hosting it for a couple years now and question why it took me so long.

[–] h54@programming.dev 6 points 7 hours ago (1 children)

Proton Pass.

[–] Joelk111@lemmy.world 7 points 6 hours ago (1 children)

I'm pretty sure that isn't self hostable.

[–] h54@programming.dev 2 points 3 hours ago

That's true.