Thing is, a large percentage of internet-connected users might have two or more devices. The simplicity offered by a cloud (be it hosted or selfhosted) password manager is a huge benefit.
And unless you’re already running a syncthing-like service for something else, setting it up just for a password manager when other services provide it out of the box, is not worth the hassle usually.
I use KeePass on like… I dunno 5-6 devices? They all sync together via Syncthing. No server needed. My keepass db is just one of the things synced this way.
The whole ecosystem can be used for free. But like… tip your open source devs yo.
Syncing happens pretty quickly with Syncthing. So conflicts in the keepass DBs are very rare (maybe once a year if I’m impatient after a change on a different device). But they do happen, I’ll give you that. Some restraint (wait for sync) and checking (this is where sorting by modified helps!!!) what’s the latest change helps.
Everyone has some kind of cloud service tho no? The database is encrypted so you can even sync it over googles cloud storage if you dont have nextcloud or syncthing.
I use one for work and the other for personal. They are both great, with slightly different convenience/security tradeoffs imo. Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
Edit: part of what you’re paying for with BW is first-class native apps
If you can’t selfhost, then you can have your keepass file in your personal cloud. Many basic cloud services are free and the password file itself is encrypted so the cloud provider can’t access your passwords.
(Edit - I misread as Bitwarden and went off on the wrong tangent. Vaultwarden is not centralized, and it’s FOSS - my bad.)
The person you’re replying to already gave you one: it’s free.
Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.
Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.
My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.
20$/year is still cheap compared to other password managers, but yeah, the lack of transparency is worrying.
Keepass is free?
Thing is, a large percentage of internet-connected users might have two or more devices. The simplicity offered by a cloud (be it hosted or selfhosted) password manager is a huge benefit.
And unless you’re already running a syncthing-like service for something else, setting it up just for a password manager when other services provide it out of the box, is not worth the hassle usually.
I use KeePass on like… I dunno 5-6 devices? They all sync together via Syncthing. No server needed. My keepass db is just one of the things synced this way.
Works pretty well.
These are the apps I use:
Desktop (Linux & macOS): KeePassXC Andrdoid: KeePassDX iOS: KeePassium
The whole ecosystem can be used for free. But like… tip your open source devs yo.
Syncing happens pretty quickly with Syncthing. So conflicts in the keepass DBs are very rare (maybe once a year if I’m impatient after a change on a different device). But they do happen, I’ll give you that. Some restraint (wait for sync) and checking (this is where sorting by modified helps!!!) what’s the latest change helps.
Everyone has some kind of cloud service tho no? The database is encrypted so you can even sync it over googles cloud storage if you dont have nextcloud or syncthing.
IMO Keepass and Bitwarden aren’t exactly the same, as the latter has cross-device sync built-in.
I use one for work and the other for personal. They are both great, with slightly different convenience/security tradeoffs imo. Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
Edit: part of what you’re paying for with BW is first-class native apps
On an individual level, you only need one or the other. But which one is best for you may be different than which one is best for me.
20 bucks are kind of a reason tho?
Can always self-host.
so is bitwarden. i dont get your argument here. bitwarden does a lot more for free than keepass
So is BitWarden if you self-hosted. The price increase is for a hosted service which Keepass does not provide.
I can’t think of a reason to choose Keepass over Vaultwarden.
If you can’t selfhost, then you can have your keepass file in your personal cloud. Many basic cloud services are free and the password file itself is encrypted so the cloud provider can’t access your passwords.
Yeah this is true. FolderSync for cloud and Syncthing for p2p should work nicely.
(Edit - I misread as Bitwarden and went off on the wrong tangent. Vaultwarden is not centralized, and it’s FOSS - my bad.)
The person you’re replying to already gave you one: it’s free.Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.Each have their pros and cons.Vaultwarden is open source: https://github.com/dani-garcia/vaultwarden
I think you misread. Lastweakness was talking about Vaultwarden which is a 100% FOSS reimplementation of bitwarden that you self host.
I can’t think of a reason to choose Bit/Vaultwarden over Keepass.
Web interface, no client software required. I can fire up a brand new machine and access my DB without installing anything.
I can.
I realise now that I can think of one too. Which is that you don’t need to host it anywhere if you use something like Syncthing.
Also available offline, all the time in your hands.
Bitwarden works offline. Obviously can’t save to the server, but reading from what’s already on your local machine works just fine.