What password manager do you recommend?

Maticzpl, 1 year ago

KeepassXC on PC KeepassDX on android Nextcloud for sync

Abualiexpress, 1 year ago

Second Keepass.

Or BitWarden.

Generator, 1 year ago

Same but I use Syncthing instead

Schooner, 1 year ago

Literally same setup!

YourMomLovesMe, 1 year ago

Keepassxc

theNoob, 1 year ago

KeePass for me synced to whatever cloud you want. I use DropBox and the Android client has an option for that to save you work

rarely, 1 year ago

Bitwarden, self hosted.

Christopher, 1 year ago

+1 for Bitwarden here. One day I will go down the self-hosted route.

sgtnasty, 1 year ago

I have the server, just dont trust myself enough to cut the cord from BW servers.

skullgiver, 1 year ago

I’ve put Vaultwarden online and have configured it to backup over the network through duplicity. Updates are automatic (I have a cronjob that just does docker pull/stop/rm/run without checking the error codes). No downtime so far!

It’s been a while since I’ve used the official Bitwarden server, but Vaultwarden is pretty much foolproof. It’s one of the easiest programs to self-host that I’ve come across.

dan, 1 year ago

I have a cronjob that just does docker pull/stop/rm/run without checking the error codes

Ah, you like living on the edge 😛

I don’t trust automated Docker updates… There can be breaking changes between versions. I don’t want my Docker containers to automatically break themselves :D

skullgiver, 1 year ago

It’s a testament to Vaultwarden’s update policies, not to my amazing server practices!

You’re right that this is a terrible idea and it will inevitably bite me in the ass, but keeping up to date with a dozen of self hosted services is a faff and I’ll accept the 15 minutes of docker fuckery to revert the updates if it means I don’t need to remind myself to perform server maintenance.

arensb, 1 year ago

Yeah, there’s a lot to be said for letting the hosting be done by people who know what they’re doing.

speaker_hat, 1 year ago

If I may, what are the requirements to make it self hosted?

lazynooblet, 1 year ago

Look up “Vaultwarden”

skullgiver, 1 year ago

The official Bitwarden server: 2-4GB of RAM, mostly because of the SQL server and all of the separate containers. Probably at least two CPU cores to prevent one process from lagging everything out. 12-24GB of storage.

For Vaultwarden, the Rust reimplementation of the backend server: I don’t know, about 128MB of RAM? It’s using about 40MB of RAM on my server. It’s using about a minute of CPU time per hour for my install. Storage requirements are “the size of the docker container plus some database files”.

Both: a TLS certificate (Let’s Encrypt) and as much free space as you plan on sending through their encrypted file sharing service. Also the storage and configuration for your automated backups, of course.

Vaultwarden isn’t audited and it takes longer to get all of the features because it’s a hobby project and not an enterprise company. Bitwarden is set up to easily scale to whole company/whole enterprise usage. Vaultwarden is set up for “you and your family” scale which probably works fine for larger scales but I don’t think it’s set up for it out of the box.

pandas, 1 year ago

@skullgiver @speaker_hat I'm considering spinning up a VW server right now. Thanks for laying out the reqs!

speaker_hat, 1 year ago

How do you make the sever available via the Internet? Do you host it on a cloud provider (e.g. AWS EC2)? or do you self host on your own bare metal machine?

skullgiver, 1 year ago

You can just open a port in the firewall/port forward a local server if your home ISP isn’t shit. If it is shit, you can run it in the cloud somewhere. I wouldn’t go with Amazon, they’re terribly expensive for hobby projects (who needs multi zone failover for a personal hobby project), any $5 VPS provider will do. Just make sure to install updates automatically so you don’t need to keep a close eye on maintenance and you should be golden.

Alternatively, if you don’t want to expose your server to the internet, you can set up a VPN server on your cloud server and only expose the password manager to your VPN. Wireguard is relatively simple to set up for this purpose, but tailscale (and whatever the self-hosted tailscale server is called) makes things even easier.

dan, 1 year ago

any $5 VPS provider will do.

A cheap <$20/year VPS is sufficient to host Vaultwarden. No need to spend several times that. My Vaultwarden installation is only using 120MB RAM, so a 1GB RAM VPS would be more than sufficient. Take a look at RackNerd, HostHatch, GreenCloudVPS, and the other top providers on LowEndTalk. RackNerd’s latest sale has a VPS plan with 1GB RAM and 14GB SSD storage for $11.38/year: lowendtalk.com/…/boom-boom-4th-of-july-deals-come…, but I’d personally go with the 4GB RAM and 75GB disk for $47.88/year, since self-hosting is addictive and you’ll find plenty of other stuff you want to host.

(I’m not affiliated with any of these companies)

skullgiver, 1 year ago

I would trust the absolute bottom of the barrel services with unimportant things like blogs, but I don’t want my password manager to be hosted there. It just feels too sketchy to me.

dan, 1 year ago

Given the prices of these VPSes, you could get two or three with different providers and have a warm standby in case of any issues.

RackNerd is legit though - a real company with a physical office. I’ve had some VPSes with them in the past, and only got rid of them because I wanted to consolidate a few things.

Version, 1 year ago

Definitely Bitwarden, but there‘s also a new product from Proton called Proton Pass. It works similarly to Bitwarden, but a few features are still missing.

Steamymoomilk, 1 year ago

I just use my very smooth brain Although its not very relible

001100010010, 1 year ago

Yea my smooth brain almost forgot my lemmy password lol. Hard to remember passwords when constantly depressed.

Christopher, 1 year ago

How about your login name? Hopefully your string of binary means something to you so it’s also memorable!

001100010010, 1 year ago

Shhh… It’s the secret to time travel! Or at least 1/3 of it.

Edit: Spoilers: It’s from

spoilerFuturama, Bender’s Big Score, the time code printed on Fry’s ass (yes, literally)

Christopher, 1 year ago

As long as it’s not also your password in reverse!

001100010010, 1 year ago

No my password is not in reverse, it’s in inverse. Hackers are so dumb, when I’m already playing 5d chess. 🤓

110011101101

Christopher, 1 year ago

Be sure to invert it twice, to be extra secure. 🔐

elboyoloco, 1 year ago

Bitwarden is the exact app you just described. I use it. It’s great.

Curious_Canid, 1 year ago

I’ve been using KeePass since the dawn of time. There are now other good options too, but I haven’t seen any compelling reason to switch. It does everything I need both securely and well.

donut4ever, 1 year ago

You’ve just described bitwarden.

steal_your_face, 1 year ago

I use the managed version of Bitwarden and I like it a lot compared to others.

doppelgangmember, 1 year ago

Bitwarden 100%

xtremeownage, 1 year ago

Vault warden. (Implements bitwarden).

Works with bitwarden apps / browser plugins. Locally hosted. Rust.

ablackcatstail, 1 year ago

I am a fan of Vault Warden.

Fisch, 1 year ago

He specifically stated that he doesn’t want to self host

DoctorWhookah, 1 year ago

*Sees post. Guess I should make sure someone has said Bitwarden.

*Checks comments. Hmm, Bitwarden, Bitwarden, another Bitwarden.

*Good. I don’t need to reply.

Nikki, 1 year ago

*Replys anyway

Bitwarden ftw!

wilberfan, 1 year ago

Gratifying to see all the love for Bitwarden!

pirate526, 1 year ago

buttercup.pw

Disclaimer: I’m the developer

lukstru, 1 year ago

As someone who uses Bitwarden, what’s the advantage of using buttercup?

DuskLoaf, 1 year ago

I use a mixture of Bitwarden and KeepassXC.

BW for most uses KP for things I only want local copies of ^^

burningmatches, 1 year ago

I just can’t get past the name of KeepAss…

DuskLoaf, 1 year ago

Best not to think too hard on it

acetone, 1 year ago

Bitwarden.