I’m currently using 1Password but I’m no longer satisfied with it.
Top of the line, best of the best, nothing beats it. Especially if you self-host Vaultwarden, there is simply nothing that can compete. (Vaultwarden makes the 2fa component that is paid in Bitwarden free if you self-host it)
Its open source, self host-able or cloud host and its had enough audits to say its fairly secure.
I’ll play the devil’s advocate here.
Since bitwarden is a VC funded company, I’m wary of the enshittification that might take place in the future. Even though technically speaking, you can self-host the server via Vaultwarden, it is largely possible because the project has blessing of official devs. That can change dramatically in future.
For something as important as your passwords, trusting a for-profit company might not be the best idea.
Would love to know what the community thinks about this.
DISCLAIMER: I love Bitwarden and use it daily, both for personal use and at work.
The VC money has gone to good though, like audits and open source code. A lot of the money they get is from company deals with bitwarden buisness anyway. As long as that works out, I can’t see them screwing over anyone while they have a money stream. If they do screw up, exporting to KeyPassXC is super easy anyway.
The one question no-one has mentioned yet given it’s probably Bitwarden’s biggest security vulnerability…
How strong is your password?
Because ultimately that is EVERY password managers weakness! I’m also still skeptical about the abuse, is it passkeys or something that I’m going to guess will make it so much easier to do social engineering on so I’d personally never use it on a vault.
It’s a good question. A vault is only as strong as the credentials required to access it.
Bitwarden does have MFA support, though. If you’re using it without that enabled, you’re asking for trouble.
