this post was submitted on 25 Oct 2023
22 points (84.4% liked)

Proton

5318 readers
5 users here now

Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.

Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.

Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.

Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.

Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.

Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.

SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.

founded 1 year ago
MODERATORS
 

My wife and I both use Bitwarden and share passwords back and forth. We switched from LastPass after the chrome extensions shit the bed, and thankfully before they got hacked.

Tonight I got her to just make a Pass Plus account under the one year free deal. She voiced her opposition to switching "again". I told her it's not better than Bitwarden yet anyway, but I'll keep an eye on it and let her know when it's better. I'm going to need to make a convincing case to get her to switch.... again.

you are viewing a single comment's thread
view the rest of the comments
[–] CarbonatedPastaSauce@lemmy.world 23 points 1 year ago (1 children)

As someone who self hosts Bitwarden, I’m curious why you are interested in switching.

[–] akilou@sh.itjust.works 5 points 1 year ago (3 children)

I've been asking myself the same question. I've been using both since Pass came out somewhat out of curiosity and somewhat because why not, I'm already using Proton everything else.

Can you tell me more about self hosting Bitwarden? Does it run in Docker? What if the container goes down or gets corrupted? Can I still share passwords back and forth with my wife if she doesn't want to deal with my self hosting shenanigans?

[–] nutbutter@discuss.tchncs.de 4 points 1 year ago

Check out Vaultwarden. It is the Bitwarden, but made in Rust. It is lightweight and yes, it does run in docker. You can use bitwarden's apps and extentions with. You get all the enterprise edition features too.

Backing up the container data is very easy. Also, you can export the passwords in a json or csv file using the apps. If the server stops working, the passwords are still cached in the apps, and you can export them even if you are offline.

To share passwords, both accounts have to be on the same server. Or you can use the Bitwarden Send feature.

I have been self-hosting Vaultwarden for two years, and have corrupted my data once, because I updated the container very late, and it jumped multiple versions. No harm was done, as I backed up my passwords, using the app's cache.

[–] jws_shadotak@sh.itjust.works 3 points 1 year ago (1 children)

What if the container goes down or gets corrupted? Can I still share passwords back and forth with my wife if she doesn't want to deal with my self hosting shenanigans?

These reasons here are why I'm switching to KeePass soon. You can set up Syncthing to keep all the databases in sync and store it locally on each device. That way, it's all self hosted still but less chance of critical failure and no chance of your database getting into the wrong hands from a massive leak by a company.

[–] Lem453@lemmy.ca 2 points 1 year ago (1 children)

Bitwarden stores the vault locally on each device. If the server goes down the devices still all work. They just can't sync together which is exactly the same as synching+keepass

[–] jws_shadotak@sh.itjust.works 2 points 1 year ago (1 children)

The vault is also stored on the Bitwarden servers, which is why I mentioned a data breach.

Granted, the level of encryption on those vaults is excellent and the chances of decryption is low.

[–] CarbonatedPastaSauce@lemmy.world 1 points 1 year ago (1 children)

That’s only if you use their service. If you self host, they get no data from you. My Bitwarden server doesn’t even have access to the internet.

[–] CarbonatedPastaSauce@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

nutbutter answered most of your questions, but yes the original BitWarden also runs in docker. I run my containers inside a VM that I snapshot weekly and keep several backups, so if anything gets corrupted I just restore a VM snapshot. Has never happened for any of my Linux VMs though, only to PFsense a couple times before I abandoned it.

But as nutbutter also mentioned in his great reply, even if you had no backups the client caches will save you.

Sharing costs a fee with Bitwarden, but I only use it for myself so had no real reason to try Vault Warden. That may help you decide which version to try.

Be aware that while it has an iOS client, iOS is REALLY picky about certs these days. It does not let me use certs signed by my internal OPNsense CA, which is really irritating. That’s Apples fault though.