![]() ![]() ![]() ![]() LastPass recently restricted its free service to a tough choice: pay up, or be restricted to using it with either computers or mobile devices. You could, theoretically, host the backend infrastructure yourself. Even the server-side synchronization component is open source. Bitwarden offers browser extensions and apps for all common operating systems. Three years ago, I migrated to Bitwarden as LastPass just kept cutting features and platform support.īitwarden is an open-source alternative to the proprietary LastPass password manager. I eventually got with the time and started using LastPass. It comes down to keeping my passwords out of the browser, and my setup simple and manageable.įor years, I was (and still am) unwilling to trust hosted password manager services. You can unlock ssh keys also with it.Here’s why I decided to move my passwords to a KeePass database file instead of using Bitwarden with a self-hosted server. Linux version can be integrated with secret-tool, so lot of scriptability. YMMVĪrgon2 key stretching, much more customisable security if you really need it, choice of Chacha20 if you don't like/want AES I know some people say you should not put TOTP codes in the same app, but TOTP is for a different threat model so I am OK doing this. This also is effective phishing protection, since the site must match in a way that cannot be fooled (unlike a human who might mistake for )īuiltin TOTP support. Keyboard is very user-friendly and powerful, with meaningful icons for selecting username, password, TOTP code, etcĭesktop version has excellent browser plugins - again, no copy-paste it's a secure path from the browser to keepassxc via the extension So no copy-paste, no risk of some other app seeing the passwords. ![]() Some features I like in keepassxc (off the top of my head):Īndroid version has a keyboard function (i.e., it can act like a keyboard). If you don't need to do that, keepassxc+syncthing (no cloud) is much safer - I never trust any cloud service, and I am too cheap/lazy to self-host The only advantage I see with BW is if you need to simultaneously edit the passwords from two different machines Strongly suggest keepassxc (keepassdx on android) ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |