I use BItwarden for most stuff and KeePassXC for sensitive stuff.
I use Bitwarden as my password manager. I use the extension on my PC, and the application on my iPhone.
KeePassXC, and I wrote some scripts that push changed database to Keybase git, so I can pull it on other devices and keep them synchronized.
pwsafe + yubikey inside cryptomator.
cryptomator folder is synched in a cloud storage that i trust.
Since it’s only me who needs access to my passwords, I stick with KeePassXC. I use Syncthing to sync the database file between my devices. And I use KeePassDX on Android.
I put my database inside of a VeraCrypt volume, then I upload it to Nextcloud for back up reasons. And of course my USB.
If I needed to share passwords with someone, I would use Bitwarden, but I don’t need to. Plus it’s one less application I have to have.
Wanted to spin a DigitalOcean VPS to host my own instance of Bitwarden, but suddenly discovered that 8bit Solutions (the owner of Bitwarden) requires me to give them my email and generate a unique installation id and key, so they would know exactly, who, where and on which server keeps his or her passwords. WTF.
KeePassXC on desktop with Yubikey to open it. Not synced anywhere else (backed up on encrypted drive though).
damn! I totally overlooked that TL;DR step 3…
I can see email as contact for server upgrades and announcements (security/vulns etc) but do agree the concern and this will require more looking into. I don’t like unique IDs, wtf level
Keepass is my first choice since I work mostly on Windows. I only store passwords in KeePass, nothing related to 2FA (neither OTP nor backups). If I could move away from Windows more I’d probably switch to bitwarden, because KeePassX is a bit of a cautionary tale for me.
Same as OP. Though I’ve been thinking to make antoher KeepassXC databse for OTP, instead of other OTP clients for PC
I am still using LastPass even though they’ve dropped support for Firefox on Android (after 6 months of ignoring critical bugs).
I’ve been meaning to move to Bitwarden but I am procrastinating on this initiative because I have several more months left on my sub and a password manager is mission critical for me. Minor QoL issues can have a big impact, even if the core features in Bitwarden are on par with LP.
BItwarden for all my stuff (even my cc & id :3)
Do you self-host or do you use their cloud?
My mom remembers my passwords for me
That and keepassxc.
i know its bad but yeah, their cloud :3
idk if it can be called “bad”, per se. i trust their client side encryption as implemented, server uptime/reliability is like always, and the service (premium) is very affordable with some cloud space to play with.
still, i consider it a higher risk factor using browser addon/extension and do, so remain vigilant because of this. same for the various addons i rely on, only little more mindful of not being signed unless needed for login somewhere. but nothing can i find as ‘bad’ about using their service. I do want to self host though, local/lan, which remove reliance on them while putting burden of server security on me especially if i poke a hole for external access.
I’ve moved from MasterPassword to Bitwarden really loving it. I use the Firefox extension as well as their cloud. Though I do plan on hosting it myself soon.
I use KeepassXC (recently came to love the fact that it supports OTP out of the box) and Keepass DX on the phone, I keep the database in sync using my Nextcloud instance.
Also, as a fallback, I use Keeweb - running on the same server as Nextcloud. I let it access the file using WebDAV, which works fine for when I need access to this one service right now.
Im surprised no one here mentioned 1Password. I know their subscription model has upset many users and it’s a little on the pricy side but you can purchase on its own and use it with the cloud provider of your choice. I personally use it with iCloud and its been great. Just wondering why no one has mentioned it. Thanks
I use several KeepassXC databases in multiple Qubes OS vault vms.