Good thing i switched to selfhosted vaultwarden setup.
Sees bitwarden drama, Noooo๐ญ
this post was submitted on 21 Oct 2024
110 points (100.0% liked)
Open Source
30966 readers
403 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
Yeah, with all the stuff going on with password managers, I wonder if there's a truly future-proof setup that can be self-hosted and will never have these issues.
I was a Keepass user many years ago, but I'm not confident that a Keepass-like system would work well with some very computer-illiterate family members. Bitwarden is hard enough to teach them, and it's one of the easy ones!
There is no such solution but you could just not update your mobile app and keep using vault warden. Nothing will change for you.
you could just not update your mobile app and keep using vault warden.
Well, I'd prefer that the apps that are a gateway to my most important pieces of data (passwords) be updated to plug vulnerabilities and exploits. If it were any other app/service, then I can live without updates. But not something related to passwords.
Someone will fork it, once Bitwarden close the source you won't know if they are even patching vulnerabilities.
Yup. I'm either hoping for a more sustainable alternative, or a fork with active updates.
For now, I'm holding my position, but preparing for an exit from Bitwarden.
vaultwarden is perfectly fine. we just need to fund 3rd party clients for platforms. on android we already have keyguard, albeit it being only source available
albeit it being only source available
Isn't that exactly why we need to leave the official Bitwarden client for something else?
yup, my point was we need fully open source clients for all platforms
I agree
Yeah vaultwarden even has its own web interface so my passwords probably not going to locked behind priopority apps. ฤฐ think i will keep using it for a while at least.
This one hurts... as I use this as my password manager on mobile :{
Can recommend KeypassDX you can download it from fdroid. It is compatible with KeepassXC
Anti Commercial AI thingy
CC BY-NC-SA 4.0
I was using this app until I created a new gpg key and OpenKeychain did not work because of this https://github.com/open-keychain/open-keychain/issues/2886. I then installed password store inside termux and I am using it as if I am using it from my PC. That works pretty well.
Can CLI applications inside Termux interact with the Android clipboard?
Honestly we need to invent something better than password managers.
Webauthn already exists.
You still need to store those secrets. You would probably refer to a keychain but in the end it is still a password/secret manager.
And the current implementation is not really better, services like paypal still do not allow you to use a passkey on the desktop.
This is more often 2FA & a password is still needed
Any self-hosted software to recommend?
Kanidm
Thx. Will check!
Best we have and probably will ever have on the current web. Not sure what the problem is with password managers?
We have USB/NFC hardware security tokens, as well as OS-integrated passkeys