Just wondered what people are using for their password management.
I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.
So is it worth the switch? Will I lose out on anything by doing so?
I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.
Just interested in your thoughts and trying to stimulate conversation!
keepass
Bitwarden with a free account here, and it does everything I need it to do (and more than I’d expect for free). Between the app on my phone and browser addons/extensions on PC, I honestly don’t know what else I’d personally need from it (or any other password manager). Plus, it’s open source.
Bitwarden.
KeePass for me. I manage my own database, don’t rely on clouds and etc.
I just use firefox to remember my passwords
is there an advantage to switching to some third party app like bitwarden?
I feel like firefox is good enough and very easy to view/manage my passwords, but open to arguments why others are worth switching to
How does it store them though? I thought (this was maybe long ago) they they were stored plaintext on your machine instead of in an encrypted vault like password managers.
I’ll be honest, I have no idea how secure the firefox passwords are stored… maybe I should actually research this some more
but I would hope Mozilla has a reasonably secure method in place
App fill is a pretty useful feature of most third-party password managers. When I open an app on my phone, it will recognize which login(s) are associated with it and autofill.
Also, the ability to create and store secure notes has proved invaluable. I don’t want to store things like safe combinations in plain text in my Google Drive.
You’re all awesome. So much feedback for me to work with.
I’d say the vast majority are recommending Bitwarden (or Vaultwarden should I want to self host), with lots of shoutouts for 1Password as well. Honourable mentions for KeePass as well as a few others.
I’ll continue to run Bitwarden in parallel to 1Password for a little while longer to see if I prefer one over the other. I’ll definitely look into self hosting it as well, although I don’t currently have a domain name so would either have to get one or do the slightly more convoluted method of getting self-signed certificates.
Thanks all for taking the time to indulge me — very much appreciated.
I self host a Bitwarden server fork called vaultwarden. It works with all the official Bitwarden apps and browser extensions and I am very happy with it. I never used 1password though so I cannot comment on any missing features.
I’m also part of the Vaultwarden crowd. I’ll never trust something that isn’t open source.
Thanks, I’ll look into it I think
Isn’t Bitwarden open source?
Yes, I’m using Vaultwarden as lightweight alternative to the Bitwarden server.
I’m saying I don’t trust 1Password. The OP asked for 1Password vs. Bitwarden. To me, Vaultwarden = Bitwarden and 1Password = Closed source crap.
Ah makes sense
Yes, but they may not be singling out Bitwarden as not being open source. It’s likely just that they use Vaultwarden as it’s more lightweight. Also Vaultwarden is only self-hosted, so you can be sure what code is running on the server, whereas Bitwarden has a hosted option. I’d imagine there’s a way to tell but from my understanding, you just have to trust that they run the code they say they are running.
Ive used both, Bitwarden feels more mature plus it’s open source. But 1Password is probably more user friendly for less tech savvy people.
Thanks. I’m tech savvy so that’s not a problem. Just always used 1Password based on recommendations. More than happy to go open source, and 1Password 8 feels like a step backwards from 1Password 7.
I agree that 1password 8 is a step backwards when they switched to electron from native app on Mac. I’m still sticking on 1password 7 because of that.
Just out of curiosity, why exactly is it a step back? I’ve heard this comment several times but, having only used 1Password 8 (which I quite like), I have nothing to compare it to.
Because it’s now an Electron app on macOS and — in my personal view — Electron apps suck. Much prefer native apps.
Functionality-wise it’s the same, but just doesn’t feel as nice to use, if that makes sense.
Bitwarden’s desktop app is also electron, just a heads up
Good to know, thanks!
If it helps, I’ve been using Bitwarden since 2019 and never installed the desktop app. Can’t imagine what you’d need it for.
Fair enough, to each their own. I understand why electron apps might not be everyone’s cup of tea, but I think some really do work very well (VSCode is the standout).
Now you may have me there. Visual Studio Code is certainly an exception, I’d be willing to admit.
What’s the problem with Electron apps?
I’ve never understood those problems. I’m not saying they don’t exist, I haven’t investigated it or anything lol, but I don’t see why individual non-electron programs have less overhead than individual electron programs when the argument is that multiple would-be electron apps could share one browser instance because multiple non-electron apps also don’t share anything.
Also I don’t see how not using a chromium base would make programs better about having massive 1 GB directories of various temp files.
What am I missing? Because clearly those problems exist.
I can’t say I fully understand the ins and outs of it because, like you, I’ve never looked into it in any great detail.
I’ve used VS Code for a while and I remember seeing a post on Reddit about how good it is “for an Electron app”, which raised my interest. I then saw more and more complaints about Electron apps, mainly around how they consume a lot of resource and ultimately crash peoples machines, resulting in data loss.
Don’t get me wrong, I see the benefits of Electron apps — they’re easy to deploy across multiple OSes which makes things a lot easier for developers. But I guess as a macOS user, I do love a native app for its look and feel and user experience. Not knocking that on all Electron apps, it’s just a preference.
I feel the same. I therefore use Bitwarden myself(not selfhosted as I don’t trust myself to host important things quite yet), and control 1Password for the rest of the fam.
I use Bitwarden and I’m planning on switching to self hosting Vaultwarden soon.
I may look into VaultWarden because I do have a bit of self hosting going on as well…
1Password is good from what I understand, but yes it’s expensive compared to the competition. It just… is, and they don’t mind because they’re going primarily after enterprise business.
BitWarden is pretty much the leader in the field and has been for some time, not counting self-hosted only apps e.g. KeePass.
Not to mention, the Premium plan only costs $10/year or $1/month. I used the free version for sharing passwords with my SO for years until I wanted to start storing TOTP codes, which requires premium.
Bitwarden here
Full disclosure: I’ve never used 1Password so can’t really comment on it compared with others, but I’m currently running a selfhosted Bitwarden re-implementation (vaultwarden) and am generally pretty happy with it. I’ve only ever used LastPass as a password manager before (aside from a seeding algo back in the day), and while I really don’t like their business practices or security history, their extension has or at least had a bit better consistency on Firefox than Bitwarden does, at least with regards to detecting username/password fields and detecting when a new credential is being created and asking it to be saved automatically. That being said, it’s something that I can live with considering it’s free software. As far as I’m aware, in terms of features all the big players in that space are pretty evenly matched, though I do remember some advanced feature that 1Password offered over others; maybe related to privilege access management in enterprise.
I use Bitwarden after trying out several recommended alternatives. It’s what works best for me and my workflow (individual personal and work use). The browser extension is a lifesaver.
I remember trying 1Password and deciding against it for some reason, but I don’t remember what. My overall impression now is that it was a fine product, but Bitwarden was a better fit. I’d say use whichever meets your needs.
I do think 1Password is a bit more polished than Bitwarden, and auto-fills more reliably for me (depending on the website, of course). I use 1Password for work, but choose Bitwarden for personal use because I value an open-source solution that I COULD self-host if I wanted to. I don’t self-host, because I’m lazy, but I COULD if I wanted to. It’s also a very cheap family plan compared to 1Password, I’m still trying to convince all my old people to use a damn password manager! But one could argue that using 1Password’s more polished interface instead of Bitwarden might make my life easier…
I haven’t had a problem with auto fill. Especially once you regularly use their default ctrl+shift+L to autofill. It may also be worth noting that some custom fields, if you make the name the exact same as the field, it will include that in the autofill. One of the sites I use has a company ID, and it autofills that too.
Haha I hear you re: the old people. My parents use a notepad, and they scribble out old passwords and write down the new ones. It’s beyond archaic. And my dad has dementia which is just a recipe for disaster.
I’ve added them to my 1Password family and setup a separate vault for them to use, and I have a few of their key passwords shared with my vault in case they lock themselves out of important accounts.
But I’m sure if I did decide to switch to Bitwarden I could move them over pretty easily.
Right, that’s the beauty of using a GOOD password manager, whether it’s Bitwarden or 1Password. They both make it relatively easy to export and import all your passwords.
My mom took to it pretty easily, but then again, someone changed her Amazon password and it took ages for her to convince Amazon to unlock her account, so she was pretty motivated to take steps to prevent something like that from happening again.
Yeah that’s my experience as well, it takes an event like that to scare them into taking password management seriously. I guess I’ll just have to wait until my various olds have all been hacked or had their identities stolen, and THEN maybe they’ll let me sign them up for Bitwarden. Eyeroll.
Yup. “It’s too much work to do preventative stuff” followed by “No one could have predicted this”.
A tale as old as time.
I bought my wife and I the family plan for 1password. The incident for me that got her to start using it was when her phone died. She couldn’t remember her Gmail password and was only currently logged in on her phone. She couldn’t remember her backup email passwords either. Somehow we were able to unlock her email with mine with a 72 hour delay or something crazy. It took so much effort to not be like “I told you so” but she pretty much told herself the same thing lol. Since then she uses it and loves it.
