this post was submitted on 18 Jul 2023
181 points (97.9% liked)

Technology

59665 readers
3476 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Just wondered what people are using for their password management.

I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.

So is it worth the switch? Will I lose out on anything by doing so?

I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.

Just interested in your thoughts and trying to stimulate conversation!

you are viewing a single comment's thread
view the rest of the comments
[–] flurry 104 points 1 year ago* (last edited 1 year ago) (8 children)

Bitwarden is open source (https://github.com/bitwarden) and was audited by privacytools.io, so I’m in team bitwarden !

It is perfectly integrated with all my devices and browsers, and it’s free to use.

[–] protput 14 points 1 year ago

Jup bitwarden is pretty awesome! I use a self hosted vaultwarden. You can link it with the bitwarden browser extensions.

[–] [email protected] 10 points 1 year ago (1 children)

If to choose it will be Keepass 🙂

[–] [email protected] 1 points 1 year ago (1 children)

Same. I even self-host it now, no getting caught up in massive data breaches for me!

[–] [email protected] 1 points 1 year ago

I feel way more comfortable with having this one file than relying on some cloud-someone-computer thing. And experience is smooth thanks to Syncthing.

[–] [email protected] 9 points 1 year ago

Been using Bitwarden for some time. Really like it.

[–] Auduras 4 points 1 year ago (5 children)

Question for you since you mentioned how it's integrated with all your devices. I currently do not use a PW manager (I know, shame on me). Let's say I get bitwarden, do I need to go back and change every password on every website to the bitwarden-generated password?

It just seems like I'm "In too deep" in a way where it'll be a pain in the ass to set up.

[–] flurry 7 points 1 year ago (1 children)

If you have stored your credentials in your browser, you can export them to Bitwarden. It’s fairly easy and will save you a lot of time.

The point of using Bitwarden (or any password manager) is that you have no idea what your password is. From a security pov you « should » update your credentials but no need to rush, one step a time 👍🏼

[–] DeriHunter 3 points 1 year ago* (last edited 1 year ago)

I started using bitwarden half a year ago and this is what I did. But once again moved, I Figured it worth nothing if I have weak and shared passwords across apps and sites. so eagrly I changed all the password on accounts that hold my financing details (bank, google, PayPal, etc..) and then lazily, every time I had to go to a site like lemmy for instance I changed it on the way

[–] [email protected] 5 points 1 year ago

When I switched to bitwarden I updated my password to a more secure (bitwarden-generated) password each time I logged into a site and stored it on bitwarden. Painless. That's how I got better passwords across the board and incrementally moved over to bitwarden.

[–] [email protected] 3 points 1 year ago

Are you forced to? No. Should you anyway? Yes. I did what @[email protected] said: just change them when you login. That way it doesn't feel like a grand undertaking, and you still end up with extremely secure passwords that you don't have to remember.

Also, i recommend generating your master password. If my senior mom staring down the barrel of alzheimers can remember a 12-digit string of random characters (after emptying out all the space wasted by a few dozen passwords), you can too

[–] PeddlingAmbiguity 1 points 1 year ago

You can just add your current passwords to bitwarden, no need to change any passwords if you don't want. It actually takes less effort than you might think. Just add your username and password each time you need to login to something and everything will be added pretty quickly.

[–] [email protected] 1 points 1 year ago

I felt the same as you. Here's how I managed to deal with my piles of accounts: get BitWarden set up, and pick a few main accounts to enter in and generate new passwords for. Delete your login data and cookies from your browser, then add accounts to BitWarden and generate new passwords as you come to need them. That way it's one at a time not all at once. Made it manageable for me! (BitWarden even prompts you if you'd like to save a login if it's never seen it before)

[–] [email protected] 4 points 1 year ago (1 children)

FYI privacytools[.]io has long been commandeered by the BDFL who apparently accepts—how do i put this impartially?—financial incentives for supporting specific software.

Privacyguides.org is the version maintained by the original privacytools team that have been doing the lion's share of the work since 2019

[–] flurry 1 points 1 year ago* (last edited 1 year ago)

There’s a huge drama between privacytools and privacyguide, I’m not sure anyone here can tell what happened internally after reading both side of the story.

Yes privacy tools accept sponsoring but it should be transparent about it ? It was the case before, I’m not using the site anymore so idk if things have changed in a bad way I’m sorry I promoted it.

[–] [email protected] 4 points 1 year ago

Y no one mention self hosted valutwarden

[–] [email protected] 2 points 1 year ago

+1 for Bitwarden, have used it for years. In general, always go open source, especially for privacy / security tools.

[–] [email protected] 1 points 1 year ago

Bruh that site doesn't do the audits themselves and if they did I would steer clear of anything they say they audited, look at all the sponsored suggestions, who would trust a site with those on it