Just wondered what people are using for their password management.
I’m currently using 1Password on a family subscription for both password management and 2FA (and then Authy for the 1Password 2FA). But I’m seeing a lot more posters — particularly since joining Lemmy — championing BitWarden (either cloud or self hosted) and Raivo OTP as a cheaper, almost-as-functional alternative.
So is it worth the switch? Will I lose out on anything by doing so?
I’m currently running BitWarden with a free account to see if I can live with it. But I must admit, 1Password is a staple app for me and one that I would say is priceless to my workflow and setup.
Just interested in your thoughts and trying to stimulate conversation!
Odd seeing so many people prefer Bitwarden specifically for the polish and UI. Those are the reasons I chose 1Password. Both work! Both are actually pretty good solutions. But after using Bitwarden for quite a while for work, I set up 1Pass for my personal stuff. It's just nicer and easier to manage, imo, even as a tech savvy user.
I do think 1Password is a bit more polished than Bitwarden, and auto-fills more reliably for me (depending on the website, of course). I use 1Password for work, but choose Bitwarden for personal use because I value an open-source solution that I COULD self-host if I wanted to. I don't self-host, because I'm lazy, but I COULD if I wanted to. It's also a very cheap family plan compared to 1Password, I'm still trying to convince all my old people to use a damn password manager! But one could argue that using 1Password's more polished interface instead of Bitwarden might make my life easier....
KeePass is great. Has all the features I want and then some. Everything is stored locally, you can encrypt with password and private keys and it even has the ability to sync dabases on a on a home server. I use it on windows and android. Since 99% of the time I make password updates on my phone I'll just sftp the database file to my server and then use it to sync with my windows machine next time I'm on it.
Vaultwarden might be worth looking into when you have time or want to set it up to check it out. Self-hosted Bitwarden compatible server written in Rust. Lets you store OTP for free which is a convenience I enjoy.
I recommend KeePass, used it for years, open source, not hosted, can use a key file for added security and works well with nextcloud, drive, Dropbox, etc
I've used BitWarden for a few years now and I really like it. I've set it up on both my PC and phone browsers, and it does its job well. Never paid anything for it, the free tier is generous enough for casual users like me.
1Password is way better, but it's more expensive and not open source.
Bitwarden is, like most open source apps, jankier than 1Password. Not as mature. But people that care a lot about their software being open source will use it because it's the best open source option we have at the moment.
I'm a HUGE 1Password fan--and have been for years. It is always the very first app I install on any device. Paid for every upgrade since v4 when I discovered it.
I was sceptical of the switch to Electron, but it's just the front end. The backend is written in Rust and performance has been great. It's not native, but that's a current trend right now...
I was even sold on the subscription model, and now manage a family account for my wife and kids.
I'm using a combination of KeePassXC on Windows/Linux, KeePass2Android and Syncthing for database synchronization, plus a Yubikey for 2FA. Granted, it's not a setup I'd recommend towards non-tech people, but it would take a lot before I'd switch:
Works completely local, so I never have to worry about being locked out for any reason.
Despite that, I still get the benefits of online synchronization through Syncthing.
KeePassXC has by far the most powerful autotype functionality, which is a big timesaver since I often need to type passwords into non-browser windows.
The last point in particular was a dealbreaker when trying out Bitwarden/Vaultwarden a few years ago.
I use Bitwarden after trying out several recommended alternatives. It's what works best for me and my workflow (individual personal and work use). The browser extension is a lifesaver.
I remember trying 1Password and deciding against it for some reason, but I don't remember what. My overall impression now is that it was a fine product, but Bitwarden was a better fit. I'd say use whichever meets your needs.
I've been subscribed to 1Password for around 8 years now, and don't intend to cancel it any time. It's super convenient, updated frequently, and seems to be audited independently to ensure security too. Just recently they've added a few features that make my life as a developer with multiple machines so much easier. OTP on every logged in device too, so I don't need to constantly migrate the horrible Authy setups, or whatever else people use
I've used both and they're both great. I didn't like the migration process for Bitwarden -> 1Password. I think I ended up downloading some python script to change the format of my Bitwarden export to a format 1Password could understand. I imagine the migration process is a lot better now since it's been about a year since I've done that.
Outside of that, I like the design of 1Password better, and it also tends to auto fill more reliably as well. iirc Bitwarden has auto fill as well, but it didn't work great for me, so I ended up copy pasting passwords instead. Not a huge deal, just something to keep in mind.
I self host a Bitwarden server fork called vaultwarden. It works with all the official Bitwarden apps and browser extensions and I am very happy with it. I never used 1password though so I cannot comment on any missing features.
Bitwarden with a free account here, and it does everything I need it to do (and more than I'd expect for free). Between the app on my phone and browser addons/extensions on PC, I honestly don't know what else I'd personally need from it (or any other password manager). Plus, it's open source.
1Password is good from what I understand, but yes it's expensive compared to the competition. It just... is, and they don't mind because they're going primarily after enterprise business.
BitWarden is pretty much the leader in the field and has been for some time, not counting self-hosted only apps e.g. KeePass.
Not to mention, the Premium plan only costs $10/year or $1/month. I used the free version for sharing passwords with my SO for years until I wanted to start storing TOTP codes, which requires premium.
You’re all awesome. So much feedback for me to work with.
I’d say the vast majority are recommending Bitwarden (or Vaultwarden should I want to self host), with lots of shoutouts for 1Password as well. Honourable mentions for KeePass as well as a few others.
I’ll continue to run Bitwarden in parallel to 1Password for a little while longer to see if I prefer one over the other. I’ll definitely look into self hosting it as well, although I don’t currently have a domain name so would either have to get one or do the slightly more convoluted method of getting self-signed certificates.
Thanks all for taking the time to indulge me — very much appreciated.
Full disclosure: I've never used 1Password so can't really comment on it compared with others, but I'm currently running a selfhosted Bitwarden re-implementation (vaultwarden) and am generally pretty happy with it. I've only ever used LastPass as a password manager before (aside from a seeding algo back in the day), and while I really don't like their business practices or security history, their extension has or at least had a bit better consistency on Firefox than Bitwarden does, at least with regards to detecting username/password fields and detecting when a new credential is being created and asking it to be saved automatically. That being said, it's something that I can live with considering it's free software. As far as I'm aware, in terms of features all the big players in that space are pretty evenly matched, though I do remember some advanced feature that 1Password offered over others; maybe related to privilege access management in enterprise.
I've been using 1Password since at least 2010 and been very happy with it so I've never seriously considered switching away from it. I've messed around with Bitwarden and thought it was pretty good though.
I don't know much about 1Password, but I've been using BitWarden for years.
The autofill feature is nice, but sometimes you'll have to unlock the vault for it to continue to work, which can be a pain at times. It's pretty flexible, you can save personal information and cards on top of logins, and it has a password generator built in that I pretty much always use now for making my passwords. It's not fancy, but it's really functional, and works on all my devices without issues.
I was using Bitwarden for a few years, it is a great option. Once you've adjust your workflow over to it I doubt you'd miss 1pass
I recently switched to Proton Pass as I've moved over to their ecosystem, it's it'll pretty early days and it's got it's problems but I am finding it reliable so far
Haven't used Bitwarden, but I've heard good things about it.
Until recently I was using Google Password manager and a half-hearted attempt a "system" for unique passwords. Luckily, I wised up and decided to raise my game... after a bit of research, I went with 1Password, and I've been very happy with it.
The integrations are okay, though not perfect. But the thing that has been most useful for me is the Watchtower stuff that basically gamified my security and forced me to change repeated or insecure passwords. I feel in much better shape now, and feel very confident in 1Password's encryption model. So, for me at least, it has been worth the money.
My work uses 1 Password. It feels relatively safe. They claim that if you don't have your master key they can't restore your passwords. Can not ensure the validity of that claim.
Personally I use Bitwarden and KeePass for my passwords. They are both open source and audited by 3rd parties. I trust them.
I've been using (and paying for) Bitwarden for a few years now. There are slicker solutions but it does the job for me and I don't really see any need to change.
I have no experience with BitWarden, but I do like 1Password. I previously used LastPass, and 1Password has much better browser/device integration, in my experience. I've been happy with it and intend to keep my family subscription.
I used 1Pass and really enjoyed the native app for a while until they forced everyone to a monthly subscription. Then they moved to electron for the MacOS app and I dropped them. Bitwarden has everything that 1Pass did for me and it’s free. The only thing that Bitwarden lacks is CoreUI animations and fluid transitions (everything is instant when you click it).
I’ve been using Bitwarden for years now, and I really enjoy the seamless experience across platforms. I use Windows at work, Mac/Linux/Windows at home, I also have an iPhone, iPad, Android tablets, and a Chromebook. Bitwarden works great everywhere. I originally chose it because it’s open source so I could host it myself if I wanted to.
I actually pay for Premium ($10/year) because I wanted to use FIDO hardware keys, but you also get 1GB for encrypted file attachments, which is handy.
BitWarden does everything I want, so I have a hard time considering paying far more for 1Password which does the same thing.
I used LastPass Families for a few years, switched to 1Password for one year, and am now on Bitwarden. For me, it was the native MacOS app, so I can auto-fill apps besides just the browser (e.g. game and productivity software logins).
I jumped to Bitwarden the moment 1password switched to subscription model, and I'm very glad I did although I was a 1password user for many years. Bitwarden works perfectly fine for me. Sure, 1password is more polished, but Bitwarden is open source which I value more.
I moved from 1Password to Bitwarden because I was struggling to pirate the former.
NGL, I think it is kinda stupid to use a hacked software as important as a password manager, same as with an antivirus, so for me the way to go has been to selfhost Bitwarden, haven't looked back since that.
Are you only interested in hosted applications? I've been using Keepass for years without any complaints. Though now that I'm seeing this thread filled with selfhosted vaultwarden comments, I might look into that though.
Bitwarden is very good, but if you are already comfortable with 1Password I don't think it is worth the switch. A lot of people (myself included) just recently switched from LastPass to Bitwarden due to LPs issues and breaches. But 1Password is still very solid and highly recommended.
KeePass is great. Has all the features I want and then some. Everything is stored locally, you can encrypt with password and private keys and it even has the ability to sync dabases on a on a home server. I use it on windows and android. Since 99% of the time I make password updates on my phone I'll just sftp the database file to my server and then use it to sync with my windows machine next time I'm on it.