You must log in or register to comment.
If anyone needs an alternative in a hurry and can’t be bothered to self host feel free to use https://pass.bitnet.dev/
I spun this up for me and my family but I don’t mind sharing with my extended online friends
You can also DM me if you want some space in our nextcloud instance, I’m pretty limited right now but I’m planning storage expansion pretty soon
keepass and syncthing are free.
Time to self host
To save $10/mo?
20/year
How did you get two things wrong in a two part component?
Wish they handled it better, but I knew about this a while ago, and the price is more than reasonable.
A decade without a price hike is extremely generous, especially at how cheap their plan was.
They are a FOSS company that makes a fantastic product I’ve been happy with for years, I’ll gladly pay less than $2 a month to support them. Their server code is licensed with the AGPL, the strongest copyleft license there is, which gives me a lot of confidence.
Worse case scenario, they enshitify down the road, we are protected via the open source implementations. We’ve seen this many times in the past, Red Hat > Alma & Rocky Linux, Citrix Xen Server > XCP-ng, Terraform > Open Tofu.
Pay for your open source software, folks 💖
Paying for good software should be normalized again. One way or the other you’ll always pay. If you don’t pay with your money, you pay with your data.
Bitwarden has a paid version?
Yes indeed.
Yes, it includes things like a TOTP manager, text file storage, family sharing, etc… Nothing super groundbreaking, but it’s some quality of life stuff that plenty of people have been happy to pay less than a dollar per month for.
Bitwarden’s Premium version now costs $20 per year,
This is what you’re up in arms about? $1.50 a month?
It’s not about the price itself. It’s about the lack of transparency. Not being open with a 100% increase is not a good look.
Wasn’t this announced months ago? I know I heard something about it, probably on here even. Either way 20$ a year for Bitwarden is still well worth it.
free tier is totally fine for 99% of people. if i want a cloud, i pay for a cloud. hike was totally forseeable. its an ass move tho to birry info in a blogpost noone ever read.
yeah i was like, shit 0 times 100 is 0, with a 0, carry the 0…
The link is from February 1st, about a blog post in January. I clicked here thinking Bitwarden just raised their subscription price again haha.
Sorry!
product: We don’t have syncing. We’re focused on being a password manager User: Boo hoo I cri hard why you do this??? All the other password managers have itttttt
What product are you even talking about? Bitwarden has had syncing for years, if not from day 1
I kept procrastinating on self hosting it, but now i will do it tonight and migrate to my own instance.
Problem solved.
TBH, $10/year is a small price not to have to get my wife to change again after lastpass. She is not equipped to deal with enshittification.
If you do any sort of self-hosting, take a look at Vaultwarden. All the premium functions for free.
Before my entire network setup changed recently for unrelated reasons… I had Vaultwarden running on my home server (TrueNAS) and a free Cloudflare account with a tunnel to my home server and a $5/year domain. Worked for my parents easily and no longer had to worry about the big infrastructure being targeted.
Possibly but the main thing we find useful is the OTP generation. This means we can both use shared accounts without having to ask the other for a code. That’s probably an edge case, and not enough sites support it, but it’s really nice for the ones that do.
I doubt that is available in self-hosting but I’d be happy to be wrong about that. I have a raspberry pi serving up a couple of local things and I could register a domain if I had a use case for connectivity outside the house.
That is totally available self hosted. Nothing is blocked. In fact that’s why I originally switched, reducing unnecessary monthly costs.
OTP codes for websites as well as all the MFA options for Vaultwarden itself. It also supports organizations, so you can share info between multiple accounts on your server. Emergency access, and even a web vault client.
Everything the paid Bitwarden does as far as I’m aware.
That’s pretty freaking awesome, mate. Thank you!
Worth pointing out that Vaultwarden refuses service when you connect to it without HTTPS, meaning wherever you host it you also need to set up some way of providing it with SSL certificates. As a newbie to self-hosting myself, this has tripped me up quite a bit.
20$/year is still cheap compared to other password managers, but yeah, the lack of transparency is worrying.
Keepass is free?
Thing is, a large percentage of internet-connected users might have two or more devices. The simplicity offered by a cloud (be it hosted or selfhosted) password manager is a huge benefit.
And unless you’re already running a syncthing-like service for something else, setting it up just for a password manager when other services provide it out of the box, is not worth the hassle usually.
Everyone has some kind of cloud service tho no? The database is encrypted so you can even sync it over googles cloud storage if you dont have nextcloud or syncthing.
Ok, so I just need to keep track of my encryption keys (or have a second complex and secure password to memorize), manually decrypt my vault to use it, re-encrypt it when I’m done, and ensure I have good backups?
EZPZ /s
What? I think you dont understand at all how this works. The database of any password manager is an encrypted file. When you open your password manager and type in the master password it opens that file and decrypts its contents for you and only saves them to memory. It doesnt actually decrypt the file on the drive. When you close the application it doesnt need to be encrypted again. This is exatly the same for all password managers, the only difference is that with web based ones the database file sits on bitwardens server instead of on your harddrive.
only one password to rememebr as the keepass master key is the encryption key.
keepass database is just a file that you sync using dropbox/gdrive/onedrive/nextcloud/seafile/owncloud/etc.
I run mine on a free dropbox account. its faster to set up than downloading keepass…
I use KeePass on like… I dunno 5-6 devices? They all sync together via Syncthing. No server needed. My keepass db is just one of the things synced this way.
Works pretty well.
These are the apps I use:
Desktop (Linux & macOS): KeePassXC Andrdoid: KeePassDX iOS: KeePassium
The whole ecosystem can be used for free. But like… tip your open source devs yo.
Syncing happens pretty quickly with Syncthing. So conflicts in the keepass DBs are very rare (maybe once a year if I’m impatient after a change on a different device). But they do happen, I’ll give you that. Some restraint (wait for sync) and checking (this is where sorting by modified helps!!!) what’s the latest change helps.
so is bitwarden. i dont get your argument here. bitwarden does a lot more for free than keepass
Person I replied to said it’s 20 bucks tho.
IMO Keepass and Bitwarden aren’t exactly the same, as the latter has cross-device sync built-in.
I use one for work and the other for personal. They are both great, with slightly different convenience/security tradeoffs imo. Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
Edit: part of what you’re paying for with BW is first-class native apps
Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
20 bucks are kind of a reason tho?
It is a reason, and a fine one. I certainly don’t pay for a subscription for my work stuff. I’ve told them we should have enterprise secrets management and shown them what that looks like. Not my problem anymore, and I have KeePassXC to handle everything I’m responsible for for work
Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
On an individual level, you only need one or the other. But which one is best for you may be different than which one is best for me.
I can’t think of a reason to choose Keepass over Vaultwarden.
The person you’re replying to already gave you one: it’s free.
Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.
Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.
My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.
Each have their pros and cons.
I think you misread. Lastweakness was talking about Vaultwarden which is a 100% FOSS reimplementation of bitwarden that you self host.
Vaultwarden, self-hosted is free as well. And since it’s not using the Bitwarden infrastructure, you’re only as exposed as your own network anyway.
But you can still use all the standard Bitwarden apps and extensions on any device, you just need to point it at your server. Easy to set up for friends and family as well. No need to try and teach them about VPNs, setting up syncthing, etc.
Every pro you listed is applicable to Vaultwarden as well. But I assume you misread it as Bitwarden.
Vaultwarden is open source: https://github.com/dani-garcia/vaultwarden
I can.
I realise now that I can think of one too. Which is that you don’t need to host it anywhere if you use something like Syncthing.
Also available offline, all the time in your hands.
Bitwarden works offline. Obviously can’t save to the server, but reading from what’s already on your local machine works just fine.
Isn’t it easier then just to use a (keepass) file? Also we carry phones around where we need secrets, too etc.
If you can’t selfhost, then you can have your keepass file in your personal cloud. Many basic cloud services are free and the password file itself is encrypted so the cloud provider can’t access your passwords.
Yeah this is true. FolderSync for cloud and Syncthing for p2p should work nicely.
I can’t think of a reason to choose Bit/Vaultwarden over Keepass.
Shared passwords
Easy to do on Keepass
Not really and not nearly at the same level
Yes and more easily
You know why Git was written in the first place, right? Some people think ahead.
Yeah, not handled well. They’re doing slimy corpo bullshit.
On the other hand, I like that they’re open source and don’t block stuff like vaultwarden.
I hope they can take the extra money and make the product better. Cuz I definitely don’t love Bitwarden, but it’s a better alternative than 1Password.
On the other hand, I like that they’re open source and don’t block stuff like vaultwarden.
YET
Quite easy to fork the client.
Getting it to install through the various stores? Probably not.
