I had KeePass for workstation + LastPass for non-essential stuff so I can log in on any device. I’m trying other options before I give up and subscribe to premium.
Since I already had KeePass synced to cloud, it’s working great on other devices too. Mobile app, while unofficial, is great as well. But I’ll miss the Chrome extension and that easy login.
I’m convinced to move everything here but should I check other options too? I’m interested in knowing about you all. I don’t think sharing just your setup should attract attention, right?
I might be going to college this year so I’ll want maximum client side security and won’t mind saving some.
I’ve self-hosted Bitwarden_rs for a couple of years now. It’s a lightweight implementation of the official server, and it’s compatible with all official Bitwarden apps.
Many people I know and from the Green community are happy with Bitwarden. Personally, I have used Enpass for years. Paid once, never looked back (there is a one-time payment option; back then it was 18€, now I think 60€?).
Self-hosted Bitwarden_rs. I find it quite awesome that even the premium functions like Collections (which I use to share certain passwords in my family) are fully operational.
I’ve been using LastPass for years. I used to pay for premium back when it was $1/month and you had to have premium to use Google Authenticator with it. A few years ago, my employer started using LastPass Enterprise, which gives me a free personal account.
I’m still using LastPass mainly because it’s free for me and I’ve been too lazy to switch to something else. I have a LOT of notes in LastPass (I store things like Borgbackup encryption keys in there) so I’d have to migrate those somewhere.
I’m thinking of moving to Bitwarden though. Not sure if I’d self-host their official server, or just use their hosted version and pay for the premium version. Bitwarden_rs seems nice but the fact that it hasn’t been audited puts me off a bit.
1Password’s Android app used to be horrible (maybe it’s better now), and it’s closed-source which is always a bad thing when it comes to security-related software. I hear it’s good on iPhone/iOS but I no longer own any Apple devices so I haven’t tested it on those platforms.
Also, if you self-host Bitwarden, there’s a project on GitHub that patches it to give you the premium features without having to pay for a license. Basically, it modifies their license checking code to use a self-signed certificate, then generates a key using the self-signed cert. Not sure how I feel about that (if you like it, you should support its developers!), but it exists.
It should be fine; the server doesn’t get the master password anyway. All it does is just serve the encrypted password vault; the actual encryption and decryption is handled on the device itself.