Does anyone use the self hosted version of psono password manager? The demo looks very nice, however it seems to be very niche and it is rarely recommended. It appears in the “awesome selfhosted” repo, though.

I’m looking for a password manager for a small business, and bitwarden looks quite complex (and expensive) and I’m not very comfortable with vaultwarden.

  • node815@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Testing so far - I got it to do the SSO with a little work. There’s a TON of file editing which needs to be done, so as long as you follow their docs, it should work okay. I was able to export my Bitwarden plain JSON file (I use Vaultwarden), and it was flawless. The server dumped all of the logins into a folder so you have to expand that to get to the main logins which if you had them in folders already, are there as “Sub Folders” if you will. You can move the folders one-by-one but not en-masse which may be a show stopper for some. Especially if you have many to move like I do.

    PROS:

    • Enterprise version is free which supports SAML/OPEN ID and others whereas their personal doesn’t. SSO login was SEAMLESS as in you clicked the login button, and immediately logged into the server. No separate username/password to enter.

    • It has a pretty nice GUI out of the box

    CONS

    TOTP is NOT included in the logins, this means that in order to get to the TOTP code, you have to search for it using the browser plugin, then copy it from your web portal and then copy it over to the tab you were on. On my Firefox session, it FROZE IT UP For longer than the TOTP code expiration so I had to copy a new one and was able to pass the login through.

    You have to be logged into the web panel before the browser extension will work. You can close the tab though and it will retain your session. Compared to below, it’s a night/day difference where there -it logs in to the server without ever touching the web vault which I rarely ever use.

    vs.

    **Vaultwarden/Bitwarden **

    Maybe I’m spoiled, but I’ve completely grown accustomed to the pasting of the TOTP code during my login session after I fill in the credentials. This by far is hard to break the cycle. Some may argue that it’s not secure to store your TOTP in the same password manager and they are probably right, but for me, it’s enough. :)

    Vaultwarden is working on SSO it seems so this may be something to consider if you are working into the SSO world like I have been. https://github.com/dani-garcia/vaultwarden/pull/1955

    Edit to fix formatting and add another con about the plugin this time.

    • vzq
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      2 months ago

      deleted by creator

      • The Stoned Hacker@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Vaultwarden is a fork of Bitwarden with a few more features enabled and some minor (although potentially important) differences. It works with any Bitwarden front end. It’s on my todo to eventually migrate to from Bitwarden for the free TOTP