• dan@upvote.au
    link
    fedilink
    English
    arrow-up
    24
    ·
    edit-2
    5 months ago

    Go with something external, BitWarden or 1Password,

    When it comes to security software, I usually recommend sticking to open-source solutions, which is why I’d recommend Bitwarden over 1Password. Their whole stack (backend, frontend, and native apps) is all open-source. A premium account is well worth the $10/year.

    You can self-host their server, or self-host Vaultwarden which is an unofficial API-compatible reimplementation of the Bitwarden backend designed to be lighter weight. Note that Vaultwarden is unofficial and hasn’t gone through the same security audits as Bitwarden has. It’s a good piece of software though.

    • rekabis
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      5 months ago

      Use ButWarden myself for a login-only subset of my KeePass content. I absolutely recommend it every chance I get, but some people prefer 1Password because reasons. And 1Password is pretty much the best closed-source option out there, which is why I do so… anything to give people options that keep them away from clusterf**ks like LastPass.

      • JC1
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 months ago

        I migrated from Bitwarden to 1password because I wanted something that works better on Linux. With 1password-cli and PAM integration mainly. Bitwarden worked beautifully under Windows, but once I switched over to Linux, I realised that 1password had more Linux friendly features. I track some discussions over bitwarden that talk about implementing those features, I might come back at some point.

      • dan@upvote.au
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        5 months ago

        Definitely true… Using 1Password is still better than reusing the same password for every site. I’ve never used it but it gets a lot of good feedback, especially from Mac users.

        • JackbyDev@programming.dev
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          5 months ago

          The only problems I’ve had with 1password are usually not 1password’s fault. Like needing to log into something that opened through the Gmail’s app’s built in browser that closed the page when the app loses focus.

          I wish there was a way to link passwords and have note fields that are hidden by default. I’ve got a lot of stuff at work that is linked to my LDAP password but for various reasons uses different usernames on different sites. It’d be nice if there was a way to tell it “I know this password is reused, I promise it’s okay”