this post was submitted on 21 Sep 2023
1064 points (97.8% liked)
Open Source
31710 readers
184 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Bitwarden password manager. I've used several proprietary PW managers, Bitwarden is by far the most stable, intuitive, and functional IMO.
Bitwarden is so good. I cant be bothered to self host it tbh, but ill gladly throw money their way for premium for having the best cloud-hosted PW manager
My argument for self host of something that needs to be ultra secure is, they will do a better job at it than me.
For me the argument is more that there is always a point where I duck up my self hosting infrastructure and at this point I will need passwords to fix it.
It is great and I do use it, and it was super easy to export from lastpass
BUT the autofill is so unreliable in comparison, it's annoying
Try the AutoFill keyboard shortcut Ctrl-Shift-L (or Cmd-Shift-L on Mac). Works well enough for me.
But that's only auto after a manual button press, that's half the auto! In lastpass when I visited a page, it would just fill it in and log in for me without any input.
Sometimes bit warden doesn't even realise it has a password for the site because it's looking for a specific URL rather than a wildcard match to the domain.
Sucks on Android tho
If you opened it once, so a process exists, it usually will work with it's autofill. At least on my Samsung it does after opening it once.
It sucks for login like ~~Twitter~~ X though.
Works perfectly on mine.
Yeah that could definitely be improved. There’s been talk on GitHub issues about adding support to fill Shadow DOM fields, honestly don’t know if they’ve done it yet but that would be a big help for web apps like HomeAssistant.
I've been looking for a good password manager, and I've heard a LOT of good things about Bitwarden... guess I'll have to bite and see what all the fuss is about!
Pro tip : if you self host use vaultwarden. It's 100℅ compatible with all bitwarden clients but has many more features and is lighter weight
Also KeePass, I've switched from bitwarden to KeePassDX on mobile and set up syncing to nextcloud and google drive. Aegis for time based OTP's.
Keepass can also do TOTPs.
Bitwarden / VaultWarden also does totp
Yeah it is pretty solid. I used to use KeepassX, which while also a very cool project, was a bit more tinkering than needed. I hosted the database on a mainstream cloud provider though, and figured at that point, you might as well use the cloud storage of a company with a great security reputation instead and just bundle all together. And so BitWarden.
Yeah, I just went with Bitwarden's own cloud because it was so affordable, accessible, and easy.
And their integrations are really solid too.
Bitwarden is to me the simplest and most effective PW manager, just perfect at what it does. I however switched from Bitwarden to Proton Pass only because the latter has a mail aliases generation integrated (with Proton Unlimited)
You can setup anonaddy or duckduckgo with bitwarden to generate alias emails automatically. The best setup we get for free.
I used Bitwarden a lot but it pissed me off that I couldn't add new entries while offline, that accessing attachments requires me to be online as well, and that attachments are not part of the backup.
I switched back to Enpass due to that, which has even a slightly better UX IMHO. It's not FOSS though, but uses the FOSS sqlcipher library for storage. So if push comes to shove, I can still exfiltrate my data without relying on the vendor.