this post was submitted on 18 Jul 2023
167 points (97.7% liked)

Technology

72484 readers
3533 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS
 

Just wondered what people are using for their password management.

I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.

So is it worth the switch? Will I lose out on anything by doing so?

I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.

Just interested in your thoughts and trying to stimulate conversation!

(page 2) 50 comments
sorted by: hot top controversial new old
[–] NettoHikari@social.fossware.space 4 points 2 years ago (2 children)

I'm also part of the Vaultwarden crowd. I'll never trust something that isn't open source.

[–] hoodatninja@kbin.social 2 points 2 years ago (2 children)

Isn't Bitwarden open source?

[–] NettoHikari@social.fossware.space 3 points 2 years ago (1 children)

Yes, I'm using Vaultwarden as lightweight alternative to the Bitwarden server.

I'm saying I don't trust 1Password. The OP asked for 1Password vs. Bitwarden. To me, Vaultwarden = Bitwarden and 1Password = Closed source crap.

[–] hoodatninja@kbin.social 2 points 2 years ago

Ah makes sense

load more comments (1 replies)
[–] schmurnan@lemmy.world 2 points 2 years ago

Thanks, I’ll look into it I think

[–] hedders@fedia.io 3 points 2 years ago

I've been using (and paying for) Bitwarden for a few years now. There are slicker solutions but it does the job for me and I don't really see any need to change.

[–] davetansley@lemmy.world 3 points 2 years ago (1 children)

Haven't used Bitwarden, but I've heard good things about it.

Until recently I was using Google Password manager and a half-hearted attempt a "system" for unique passwords. Luckily, I wised up and decided to raise my game... after a bit of research, I went with 1Password, and I've been very happy with it.

The integrations are okay, though not perfect. But the thing that has been most useful for me is the Watchtower stuff that basically gamified my security and forced me to change repeated or insecure passwords. I feel in much better shape now, and feel very confident in 1Password's encryption model. So, for me at least, it has been worth the money.

[–] schmurnan@lemmy.world 3 points 2 years ago (1 children)

Boo, Google! Haha j/k, each to their own 🙂

1Password has been one of my go-to apps for years now, so I’m clearly happy to pay the $80 a year or whatever it is (I’m a Brit but I think it’s around that price). But it’s very good to know that I can get the exact same (more or less) functionality in Bitwarden for $10 a year. And I have the option to self host on my Docker stack on my NAS should the mood take me.

I absolutely wholeheartedly agree about Watchtower — that’s a nice little piece of functionality. I saw Bitwarden can check if your passwords have been involved in a data breach, but nowhere near as many little add-ins as Watchtower. It feels like a credit score for your passwords 🙂

[–] Bazoogle@lemmy.world 2 points 2 years ago

Nah, it's okay. The google chrome built in password manager is one of the worst options

[–] art@lemmy.world 3 points 2 years ago (1 children)

My work uses 1 Password. It feels relatively safe. They claim that if you don't have your master key they can't restore your passwords. Can not ensure the validity of that claim.

Personally I use Bitwarden and KeePass for my passwords. They are both open source and audited by 3rd parties. I trust them.

load more comments (1 replies)
[–] Squirrel@thelemmy.club 3 points 2 years ago* (last edited 2 years ago)

I have no experience with BitWarden, but I do like 1Password. I previously used LastPass, and 1Password has much better browser/device integration, in my experience. I've been happy with it and intend to keep my family subscription.

[–] Yota@lemmy.sdf.org 3 points 2 years ago

I was using Bitwarden for a few years, it is a great option. Once you've adjust your workflow over to it I doubt you'd miss 1pass

I recently switched to Proton Pass as I've moved over to their ecosystem, it's it'll pretty early days and it's got it's problems but I am finding it reliable so far

[–] yA3xAKQMbq@lemm.ee 3 points 2 years ago* (last edited 2 years ago) (4 children)

Edit: apparently that’s no longer true and I just didn’t notice: https://support.1password.com/autofill-behavior/

~I use 1Password, and I’m generally satisfied, but what really really sucks is that it only works with domains, but neither subdomains nor ports.~

~So if you’re running your own server that gets annoying extremely fast, because you will have a very long list of suggestions to wade through.~

With Bitwarden (IIRC) one issue is that you cannot save a password when you’re offline, and – again IIRC – it doesn’t even drop a warning about that.

[–] Tyfud@lemmy.one 3 points 2 years ago

I'm on the 1password train. I like it, they're professional, and their extension works much better than lastpass

[–] UnknownQuantity@lemmy.world 3 points 2 years ago

I'm using bitwarden. The free version has everything I need, but I pay for the premium because I want them to continue.

[–] lackthought@lemmy.sdf.org 2 points 2 years ago (2 children)

I just use firefox to remember my passwords

is there an advantage to switching to some third party app like bitwarden?

I feel like firefox is good enough and very easy to view/manage my passwords, but open to arguments why others are worth switching to

[–] DAVENP0RT@lemmy.world 4 points 2 years ago

App fill is a pretty useful feature of most third-party password managers. When I open an app on my phone, it will recognize which login(s) are associated with it and autofill.

Also, the ability to create and store secure notes has proved invaluable. I don't want to store things like safe combinations in plain text in my Google Drive.

[–] JustEnoughDucks@feddit.nl 2 points 2 years ago (1 children)

How does it store them though? I thought (this was maybe long ago) they they were stored plaintext on your machine instead of in an encrypted vault like password managers.

load more comments (1 replies)
[–] diamonddozen@kbin.social 2 points 2 years ago (1 children)

Are you only interested in hosted applications? I've been using Keepass for years without any complaints. Though now that I'm seeing this thread filled with selfhosted vaultwarden comments, I might look into that though.

[–] schmurnan@lemmy.world 2 points 2 years ago

No I’m pretty open to either hosted or self hosted. I use KeePass in work (because it’s mandated) and I’d probably describe it as “OK”. The plug-ins are a little fiddly to get working, and my work actually block most of them which drastically reduces the functionality. I have zero browser integration, for example, so I have to copy/paste passwords in each time. Which isn’t the end of the world, but annoying.

Also not sure if there’s a macOS version of KeePass or something I could also use across iOS, watchOS and iPadOS as well.

[–] verysoft@kbin.social 2 points 2 years ago (2 children)

There's no point switching if you are using either of these two, so I'd just keep 1Password.

load more comments (2 replies)
[–] electric_nan@lemmy.ml 2 points 2 years ago* (last edited 2 years ago)

KeepassXC, synced with Nextcloud to all my devices. Browser plugins and android app. Diceware master pass phrase.

[–] Cyder@lemm.ee 2 points 2 years ago

Bitwarden is very good, but if you are already comfortable with 1Password I don't think it is worth the switch. A lot of people (myself included) just recently switched from LastPass to Bitwarden due to LPs issues and breaches. But 1Password is still very solid and highly recommended.

load more comments
view more: ‹ prev next ›