- Millions of people use password managers. They make accessing online services and bank accounts easy and simplify credit card payments.
- Many providers promise absolute security – the data is said to be so encrypted that even the providers themselves cannot access it.
- However, researchers from ETH Zurich have shown that it is possible for hackers to view and even change passwords.
It is not less secure.
If the Bitwarden servers are compromised (either by hacking or by being forced to by the government of the country where they are hosted) then code could be run which would allow the attacker to receive your plaintext password and that is used to decrypt your data.
If a user is so horrible at syncing that they accidentally synced their database file to a public Twitter post, it is still protected by AES-256 which can’t be broken by a simple subpoena.
In either case, syncthing is pretty simple to use and is the common recommendation for the kind of small personal file sync that you need here. It also adds an additional security layer, on top of the unbreakable AES-256 encryption, to the whole setup.