I use it currently, but I’ve seen a few people say it’s bad for privacy or something? Is this true? If so, what alternatives do you suggest?
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 14 users / day
- 18 users / week
- 24 users / month
- 15 users / 6 months
- 20 subscribers
- 619 Posts
- 1.56K Comments
- Modlog
There’s an Open Source implementation called Vaultwarden. You should certainly export your passwords from Bitwarden so they can’t keep them hostage.
Alternatives include Passbolt (no offline client, weird French crypto implementation of RSA), KeePassXC (best for single users, not good for sharing) and QtPass/gopass/pass (best solution if you are very proficient with GPG and like the command line).
I’d like to add that Password Store has built-in integration in GNU Emacs and you can easily navigate your vault via pass. Further, syncing your passwords with other devices is only a matter of creating a Git respository, and using Android Password Store and OpenKeyChain to access and decrypt them on mobile.
I have years of experience with GPG and still didn’t manage to set up a shared password repository with pass and derivates which is usable by people without my experience. I’m talking junior devs, senior devs and junior admins here. I only managed to make it work between a few DevOps and admin people. Our senior DevOps guy didn’t even bother because it has so many papercuts.
The most promising client to me apart from gopass (not to confuse with go-pass) was QtPass but even that was lightyears away from KeePassXC in terms of UX.
Maybe another thing to add is that there’s pass-import which can convert several different formats of password stores between each other and to pass itself.
imo your tone is a bit blowing this out of proportion, you can stay on the free tier, pay regularly for a very good service or even self-host. they are not keeping your password “hostage”.
Yes, that’s why I said you should export the passwords regularly, so they can not hold them hostage. Whether they currently do it or just remove some features when you stop paying is irrelevant since they could change that tomorrow.
What do you mean by “keep them hostage”? Why would they do that?
You pay for their service and when you stop paying, you lose access to the passwords you didn’t synchronise to your local client before that happens.
I use the free personal plan myself.