this post was submitted on 11 Jul 2023
638 points (98.5% liked)

Asklemmy

43945 readers
624 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 43 points 1 year ago (3 children)

A good alternative to Bitwarden is KeePass/KeepassXC btw

[–] [email protected] 32 points 1 year ago (4 children)

A good alternative to keepass is a self hosted vaultwarden btw. (compiled from bitwardens opensource code iirc)

[–] [email protected] 6 points 1 year ago

I agree. But I think is much easier for people to use KeePass compared to self hosting Vaultwarden

[–] [email protected] 6 points 1 year ago (1 children)

Vaultwarden is not compiled from Bitwarden's code, it's a separate project and codebase but designed to be compatible with Bitwarden's API.

Bitwarden is open source and you can self-host it but IIRC it's a bit more complex and resource-hungry than Vaultwarden.

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago)

They have totally different design goals which is why Bitwarden is more resource-hungry and more complex to deploy. Bitwarden can scale up to large use cases such as companies with hundreds of thousands of employees (it's what they run on the hosted version, after all), whereas Vaultwarden is designed to be small and light for home use cases where you almost always have <10 users total.

[–] [email protected] 1 points 1 year ago

I agree, I do this and it works great.

[–] [email protected] -5 points 1 year ago (2 children)

Nothing can beat passwords written on paper though

[–] [email protected] 31 points 1 year ago (3 children)
[–] [email protected] 17 points 1 year ago (1 children)

So I will write them on a rock, instead.

[–] [email protected] 14 points 1 year ago

But paper beats rock

[–] [email protected] 4 points 1 year ago

I was talking about digital espionage, assuming one is not stupid enough to record their offline passwords digitally

[–] [email protected] 3 points 1 year ago

But rock beats scissors. What if paper has an alliance with rock to be protected from scissors in return for paper not covering rock?

[–] treadful 7 points 1 year ago

Physical access can. Indentations on the below page can. Fire and moisture can. Someone looking over your shoulder can.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

I found keepassium for the work phone and I was in love that I could keep a separate db with my OTPs under a password and backed up.

Then I left that job and had to split my OTPs. Vanilla keepass for droid will gives me the OTP values for gitlab etc, so it's good there, but Vanilla keepassium for Android has no camera/QR->OTP input that I have yet, one that works like keepassium does and is all compatible down the line. I'd love to keep using it to maintain the existing separate keepass OTP db I have.

Do you (or anyone) know of a good combo for droid that gets

  • keepass
  • backup to box/gdoc/etc
  • qr for OTP

In one final package? Does XC do it in a way we think may be compatible?

[–] [email protected] 1 points 1 year ago

Keepass2Android does all that on android. It natively supports Dropbox, google drive, one drive, nextcloud, pcloud, and mega, plus you can use WebDAV or sftp. When editing an entry, the totp setup has the ability to scan qr codes with the camera. Plus, the whole thing is free and open source.

They even have a package on F-Droid, though that build lacks the built-in support for cloud syncing (due to F-Droid restrictions prohibiting binaries, I think).

I've used this app for years on android, paired with various cloud sync options as providers change their restrictions and capabilities. On desktop, I use keepassxc.

[–] [email protected] 2 points 1 year ago (2 children)

Hm i switched from KeePass to Bitwarden because the latter lets me use my passwords on multiple devices and as a Firefox extension that enters my credentials at a shortcut.

Can you elaborate why you think KeePass is better?

[–] [email protected] 4 points 1 year ago

I think it’s more flexible. Also, due to the databases just being normal files you can sync them with syncthing between your devices.

In my case I run a NAS at home on which they’re stored so I don’t need to sync them. I just open them directly from the NAS.

[–] [email protected] 1 points 1 year ago

I do all of that with Keepass, for what it's worth.