If you can’t selfhost, then you can have your keepass file in your personal cloud. Many basic cloud services are free and the password file itself is encrypted so the cloud provider can’t access your passwords.
The person you’re replying to already gave you one: it’s free.
Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.
Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.
My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.
Vaultwarden, self-hosted is free as well. And since it’s not using the Bitwarden infrastructure, you’re only as exposed as your own network anyway.
But you can still use all the standard Bitwarden apps and extensions on any device, you just need to point it at your server. Easy to set up for friends and family as well. No need to try and teach them about VPNs, setting up syncthing, etc.
I use keepassXC for work and I only use it on one machine at a time. I don’t have any experience syncing it around to multiple devices, so you might have a better perspective than I do on that.
For personal use, I self host vaultwarden and use it on my desktop and Android phone. I’m able to use the bitwarden app just fine on my phone, even when I turn on airplane mode and am unable to sync.
I set up a simple sync service with FolderSync (similar to Syncthing) on Android for my family, that preserves their mobile files on a server hosted SMB share. Haven’t even looked at storage encryption though. You can’t underestimate a simple yet effective solution, sometimes so simple it flies under the radar.
I can’t think of a reason to choose Keepass over Vaultwarden.
If you can’t selfhost, then you can have your keepass file in your personal cloud. Many basic cloud services are free and the password file itself is encrypted so the cloud provider can’t access your passwords.
The person you’re replying to already gave you one: it’s free.
Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.
Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.
My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.
Each have their pros and cons.
I think you misread. Lastweakness was talking about Vaultwarden which is a 100% FOSS reimplementation of bitwarden that you self host.
Vaultwarden is open source: https://github.com/dani-garcia/vaultwarden
Every pro you listed is applicable to Vaultwarden as well. But I assume you misread it as Bitwarden.
Vaultwarden, self-hosted is free as well. And since it’s not using the Bitwarden infrastructure, you’re only as exposed as your own network anyway.
But you can still use all the standard Bitwarden apps and extensions on any device, you just need to point it at your server. Easy to set up for friends and family as well. No need to try and teach them about VPNs, setting up syncthing, etc.
I can’t think of a reason to choose Bit/Vaultwarden over Keepass.
Shared passwords
Easy to do on Keepass
Not really and not nearly at the same level
Yes and more easily
Lol, no.
The mess of databases you would need to replicate what is simple with organizations and collections is definitely not easier or more flexible.
lol yes
It’s just one database file
I can.
I realise now that I can think of one too. Which is that you don’t need to host it anywhere if you use something like Syncthing.
Also available offline, all the time in your hands.
Bitwarden works offline. Obviously can’t save to the server, but reading from what’s already on your local machine works just fine.
Isn’t it easier then just to use a (keepass) file? Also we carry phones around where we need secrets, too etc.
I use keepassXC for work and I only use it on one machine at a time. I don’t have any experience syncing it around to multiple devices, so you might have a better perspective than I do on that.
For personal use, I self host vaultwarden and use it on my desktop and Android phone. I’m able to use the bitwarden app just fine on my phone, even when I turn on airplane mode and am unable to sync.
I set up a simple sync service with FolderSync (similar to Syncthing) on Android for my family, that preserves their mobile files on a server hosted SMB share. Haven’t even looked at storage encryption though. You can’t underestimate a simple yet effective solution, sometimes so simple it flies under the radar.