Hy,

In your opinion do you prefer Bitwarden or Proton Pass and why?

It seems proton pass have better integration with Firefox.

Good and bad?

Thanks.

    • Zeta@kbin.social
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      KeepassXC + SyncThing in my case, to skip the middle man (Dropbox/Google drive)

    • TORFdot0@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      No sir, I did this for years. I used Kypass on my iPhone so I could use my passwords on my phone as well. I ended up switching to Bitwarden for easier 2FA implementation and granular password sharing rather than having to share my whole vault or manage a separated shared vault

        • TORFdot0@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I use Bitwarden with DUO as my Authenticator app. I know that you can set up keepass with 2FA via an extension but I didn’t find it as portable with my existing apps which is why I decided to make the switch

    • ShellSurf@kbin.social
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Nah, still a great solution if you like. That was my solution for years until just about a month ago I switched to bitwarden because it seemed easier to protect with a yubikey. I’ve liked it so far.

      I took the opportunity to export all my passwords from Firefox, chrome, and KeePass, then spent about a day cleaning the whole mess up and removing duplicates, THEN imported the csv into bitwarden. Still getting used to not using chrome/Firefox for auto filling and storing passwords, but I like that my passwords don’t feel so spread out across multiple browsers/dbs.

    • Atemu@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      It works but partitions can and will happen and a merge afterwards is non-trivial AFAIK.

      • jplate8@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        I just trust the built-in encryption, which makes it easier to read via keepass2android (since I don’t have to do an extra decryption step).

            • unable_blitz@discuss.tchncs.de
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              Interesting. I assumed it did, two layers of encryption, different passcodes and ideally keys - not sure how it wouldn’t, but now I need to research it

              • Zikeji@programming.dev
                link
                fedilink
                English
                arrow-up
                4
                ·
                edit-2
                1 year ago

                These are my opinions, not a security expert or anything but - if your system is compromised two layers won’t make a difference. If someone gets ahold of the KDBX, two layers might slow them down but if they have the compute to crack the KDBX in the first place a second layer won’t make a difference, even if you’re using a stronger algorithm.

                I can only think of two benefits.

                1. using two different algorithms adds a layer of protection in the event a flaw is discovered.

                2. If it’s wrapped it would likely have a different extension and signature, so if someone were to say, hack the cloud storage provider and grab all the KDBX files you might get missed.

                In any case, the encryption algorithms we use today will likely be irrelevant and useless at some point in the near future. If you suspect your KDBX has been stolen, you should change all your passwords - even if they can’t crack it today, you don’t want to get an unpleasant surprise in a decade because you didn’t.

                Although changing your passwords on interval is a good security practice anyway.

                I also wouldn’t sync them with a cloud storage system either, since you never know.

            • endbringer93@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              At the very least it would hide filename in cloud storage so no one would know that it’s a file with all your passwords.

              Personally I don’t put anything in cloud storage unencrypted so I’d still just encrypt that file client side with the rest of them if I used keepassx.