The inner circle so to speak

  • darcy@sh.itjust.works
    link
    fedilink
    arrow-up
    23
    ·
    1 year ago

    keepass > bitwarden

    vpn providers should be reviewed regularly

    email is inherintly insecure/non-private, self hosted is best

    • ArcticLynx@feddit.de
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      why do you prefer keepass to bitwarden? has it better privacy or is it just a personal preference because you like the UI more for example?

      • darcy@sh.itjust.works
        link
        fedilink
        arrow-up
        20
        ·
        edit-2
        1 year ago

        keepass is a different paradigm. it uses a locally encrypted file. many frontends for it (use keepassxc and keepassdx). dont have to rely on some 3rd party, even if they say they have e2ee. theres no better privacy (and security) for an app than not using it with the internet. im not too concerned about ui for pw manager personally, the less time i spend w it unlocked the better. only (slight) problem for me: multi device usage (i just copy the file onto my phone occasionally). general rule of thumb: if it can be selfhosted, it is best to.

        i think bitwarden is the best one of its type, it comes down to your needs and threat model

        • ErwinLottemann@feddit.de
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          You can selfhost bitwarden, there’s also vaultwarden, an open bitearden api implementation. You could host this on an internal-only server. But you also can sync your single password file with a lot devices and use keepass, I just find that a bit annoying. You also cannot share some passwords with your relatives easily that way.

          • Radioactive Radio@lemm.ee
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Hey it’s fine if you trust them, it’s a very convenient service and from what I found it’s pretty secure, since there’s no way to recover logins if you forget your master pass. But i personally don’t like the idea of having passwords on someone else’s server and I’m too stoopid to set-up my own instance on a docker container server thingy. Syncthing just works for me, got GUI and everything.

      • Rooki@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        its more user friendly. Just a file you have to have. You can encrypt that double and tripple on bitwarden nope.