Comment on Concerns Raised Over Bitwarden Moving Further Away From Open-Source

• wintermute@discuss.tchncs.de ⁨3⁩ ⁨weeks⁩ ago

  Keepass is exactly that. Basically all the client side parts, and the database is a single encrypted file that you can sync however you want.

  source
• xthexder@l.sw0.com ⁨3⁩ ⁨weeks⁩ ago

  I’ve done basically this in the past by encrypting a text file with GPG. But a real password manager will integrate with your browser and helps prevent getting phished by verifying the domain before entering a password. It also syncs across all my devices, which my GPG file only worked well on my desktop.

  source
• LedgeDrop@lemm.ee ⁨3⁩ ⁨weeks⁩ ago

  It’s the “stringing it all together” that could be problematic.

  If you have multiple clients (desktop/cellphone) modifying the same entry (or even different entries in the same “database” ). You need something smart enough to gracefully handle this or atleast tell you about it.

  I did the whole “syncing” KeePass and it was functional, but it also meant I needed to handle conflicts - which was annoying. I switched and really appreciate the whole “it just works” with self-hosted bitwarden.

  source
• HereIAm@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

  I see it as it’s easy to self host. But I’m not skilled nor rich enough to guarantee the availability of it. I don’t want to be stuck on a holiday without my passwords because my server back home died from black out or what have you.

  I pay for bitwarden and the proton mail package to keep the password management market a bit more competitive and it actually works out cheaper. It would be nice to have protons anonymous emails built in, but I can live with it.

  But I might have to reconsider if Bitwarden is going a different direction that what I’m paying for.

  source
• AsudoxDev@programming.dev ⁨3⁩ ⁨weeks⁩ ago

  That is the bare minimum of a password manager like Bitwarden.

  source
• Boozilla@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

  Yup, thanks. Was thinking along these same lines.

  source