Bitwarden also supports TOTP. I'm using Authy and I've been pretty happy with it so far. It also does (apparently encrypted and secure) backups of your keys. I like that feature since you don't have to worry when you upgrade your phone or lose it. Just remember the backup password.
I use the Android version of FreeOTP, which is FOSS and has an iOS version too. I keep my passwords safe with Password Store, it is a CLI program in essence but there are many GUI frontends. I use this one on Android, on desktop I have a little front-end I wrote in Emacs that I use, and a little script that uses dmenu. But actual desktop apps are available, here is a list of GUI clients for desktop and mobile, including iOS. Password store uses git and GnuPG behind the curtains (tho the curtains are easy to bypass if there is a need). I used to sync with Syncthing, but I don't trust it with data that is not ephemeral anymore.
All of the above is completely FOSS software, MPL, GPL or Apache-licensed.
You're welcome! IDK why I thought you were also asking for a password manager, guess I rushed reading your post, sorry :)
Check out AndOTP. It's a more secure and maintained fork of FreeOTP.
Isn't AndOTP Android only?
It is. I use and enjoy andOTP as well, but sadly it's not available in this case.
Oh, sorry. Didn't see the iOS part.
Currently using Authenticator:
https://itunes.apple.com/us/app/authenticator/id766157276?mt=8
Just out of curiosity - why are people switching away from LastPass? Are there any security issues with it?
That makes sense. Thanks for the details. Maybe I'll give Bitwarden a try
I've switched away because it didn't integrate nicely with me. The Linux app wasn't very nice to use and the browser addon kept on bugging me whenever I signed into something if I wanted to add it to LastPass. I also kinda started to distrust it when I was consistently able to access the password for some sites without my YubiKey using the browser addon. Don't know if that is by design or not.
They have a bad history for a password manager imho
Off-topic but how are you liking Bitwarden? My LastPass subscription is expiring in 3 months so I am actively looking for alternatives. I have been tinkering with KeePass, but I just don't know if I trust myself enough to use it... and Bitwarden seems like a nice middle ground between the two.
LOL, yeah, I have to admit the price is definitely appealing. I don't mind paying a few bucks a month for a good password manager, but getting 5 accounts for $1/mo is really tempting.
I have been trying to convince a few other family members to start using password managers as well (esp my sister who had a bunch of accounts compromised recently due to reused password). So being able to offer them all "free" access under my account would certainly make it easier to get them to finally take the plunge... especially since I already do that with a few other things too (e.g. Office 365, Netflix, Amazon Prime, etc.).
You both should give 1Password a try. I was an avid KeePassXC user and still recommend it to people who know what they're doing, but 1Password is fantastic and much easier to adopt. It's also easy to sell to companies which then get all their staff a bunch of accounts.
Bitwarden is free software: you can have a personal server if you want to, as well as auditing the code, in case you don't trust third-party ones.
With 1Password you don't have those options, but it may be easier to use (I haven't tried it).
I guess 1Password is the most user-friendly and polished password manager out there. I used it for years, back when it was offline-only, MobileMe sync, Dropbox/iCloud sync and now a subscription model. I really liked it and never ever had a single issue.
When I reviewed all my ongoing subscriptions last year I decided to get rid of 1Password and migrate to Bitwarden with a self-hosted version, bitwarden_rs, so it went from $5 for the family subscription to zero.
But the 1Password people provide a lot of documentation about their security including white papers. Still, you have to trust them.
1Password is something I've been able to get my mother and tech-illiterate aunt to adopt. KeePassXC is too complicated for them and the risk of losing your backups or not keeping them in sync correctly is too great.
I think I may have not given Bitwarden enough of a chance. I'll look at it again, thank you.
Probably because 1Password isn't open source.