KeePass was my first choice password manager, but as time went by, I noticed that it has some persistent issues. It's time to look for a replacement...
I've been happily using Bitwarden for this for a few years now. It has a decent command-line client and is also free software, but it uses cloud sync rather than the DIY approach Keepass likes. But they're both good :)
Thanks for sharing Ben. When do you find yourself using the CLI client?
I was aware of BitWarden from years ago and it sounds solid now. When I browsed their website recently, I doubted it was the same thing! The first impression is that it is a business cloud product. The fact that it is something you can use locally and is free for personal use gets lost.
I pretty much don't use the CLI client, I'm just aware that it works because I've used it a couple of times. On a desktop I always have a browser open to copy something from and on a mobile device I don't have a CLI anyway.
Usually I'm a big fan of using the command line over GUIs, but with password management... I don't, for some reason!
I guess since typically a browser is a desktop app, using a browser extension is more practical. It can be handy to have the CLI occasionally too.
You could use a CLI web browser along with a CLI password manager. I don't know if it'd be practical, but I'm sure there is someone out there doing it!
I love Bitwarden! You can self host it too
Check out Vaultwarden, a Bitwarden remake in Rust. Run it on an rpi and only sync passwords locally, or open a port to the berry. I have it running in Docker behind an ssl-proxy.
Sounds interesting! There are so many cool private infrastructure projects you can do with a raspberry pi. I would fear that I would turn my bedroom into a micro-server farm as these can be fun projects!
I moved away from KeePassXD to Pass, the standard Unix password store. Downside is the setup is more complex and I couldn't get it to work on Windows. Upside is passwords are stored in plain text files encrypted with standard gpg and synced with git so it's maximally portable and future proof. It's more hackable (in the sense that you can easily extend functionality, like using fzf to enhance search, not that it's easier to break). It's on the command line. I really like not having to keep a separate app open since I mostly work in a terminal window. It has a lot of UI programs as well including phone apps and browser extensions.
I'm a big fan of Keepass and have been using it for the last 10 years. I move around my environment as well between Windows and Linux and the switching between Keepass and KeepassXC is seamless - I actually prefer KeepassXC though as it is generally much more user friendly.
KeepassXC also has been my password manager of choice for the past few years. I store my wallet on a network attached storage device and I can easily share the same passwords between all my computers without a problem (Linux, Mac OS and Windows). My most favorite feature is OTP. Super convenient to use. Just copy & paste the code from KeepassXC. No fumbling around with a mobile phone app.
My only issue is with the browser extensions. It's been a bit of a hit and miss for me over the years. Sometimes it works great, but most of the time it doesn't, so I intuitively resort to just opening the main app, search the record there and copy and paste 🤷‍♂️
The browser extensions for password managers seem to be tricky to get right. I am set-up on Brave and Firefox with KeePassXC now, and so far, so good. Hopefully, it will continue on this way.
Firefox itself has a great password manager that will be synced with your Firefox account and I've been using it all these years.
To go along with KeePassXC, KeePassDX on Android works really well.
Is there some way to secure password manager communication with plugins? The idea of sending passwords from plugin to plugin seems a bit freaky to me but I'm probably just ignorant of the solutions used.
In the case of KeepassXC, you do not need plugins. All of the functionality is contained in the core application.
If you want to use a browser extension to autofill fields in the browser, these are made by the core team also. So they should be trustworthy and secure. In any case nothing is sent over a network. The transfer of a password from the database to the browser is done on your local machine.
If you have doubts, then you can skip using the extensions. You can research it further and inspect the code if you want to have confidence using it.
Thanks for the great info. I'd be more worried about using multiple third-party sources for plugins. The more you rely on different people the more likely you are to introduce malicious actors. It sounds like KeepassXC would be worth looking into.
Bitwarden is not proprietary. It uses GPL. Please revise.
Sure. Done! 🙂