“Authenticator key (TOTP) storage is available to all accounts. TOTP code generation requires premium or membership to a paid organization (families, teams, or enterprise).”
I’m aware. So is Bitwarden if you don’t use their web vault, which KeepassXC does not have. Keepass can use a cloud drive to sync multiple devices whereas Bitwarden requires a self hosted instance to sync. Personally I would rather trust my own hosted instance over that of a cloud provider. But that all depends on your threat model and who you’re willing to trust. Having used both I personally prefer self hosted Bitwarden.
Never tried them, I still think it’s safer to self-host the vault file on my own hosting cloud with some extra paranoid encryption just to be sure it’s safe even if my self-cloud hosting is hacked. But I am just scared to lose this one day and I not be able to log into my services anymore. 🤣
I know people Bitwarden and seems cool, but I don’t see the need for it.
I know they exist. I think you’re missing what I’m saying.
Bitwarden is fully free and self hostable. That is how I use it. Bitwarden needs a self hosted webserver. KeePass can use only a cloud provider or self hosted cloud storage and also set up a web vault.
With Bitwarden, if you don’t want that hassle you can use their webvault they host. You cannot do that with keepass. That is what costs the $10/year.
Point is, both are good software that do things a bit differently. I liked KeePass, but I found Bitwarden to do what I wanted better, which was easily sync my passwords across devices without the hassle of self hosting something like Nextcloud. A quick docker container and I’m good.
Maybe some people are fine with keepass and something like Dropbox for sync. And maybe others don’t want to use a public cloud server but also don’t know how or want to host their own instance of a a password manager or cloud server. So they can use something like Bitwarden’s webvault instead, which is free except for TOTP.
Well, I still don’t see the difference, you can run Nextcloud with docker too, with many more tools than just sync folders, even with encrypted data it is still sync to others devices. About Android, I don’t even remember to charge the battery (that’s why I don’t use it for 2FA, many times it is off and battery empty), and I don’t use it unless I need to drive (for GPS + Music, and de-googled), if I need any password on my Android I use KDEConnect to copy-paste logins, so I keep my secret vaults away from smartphone. I don’t think smartphones are that safe to use and store all my passwords.
EDIT: Ok, I can understand people that don’t know how to set up their own services could find that Bitwarden easier. $10/year is very cheap.
“Authenticator key (TOTP) storage is available to all accounts. TOTP code generation requires premium or membership to a paid organization (families, teams, or enterprise).”
It’s $10/y and a steal for that excellent software. I pay it and self host it just to support them.
KeepassXC is free…
This!
Keepassxc is cross-platform, free and open-source. It has also options for iOS and Android.
Yeah, but actually the “KeePassXC” is already a GUI only for PC, but there are many clients: https://github.com/lgg/awesome-keepass
Bitwarden is all of those things. Unless you use their web vault, then it’s $10/year. Which keepassxc does not have.
I’m aware. So is Bitwarden if you don’t use their web vault, which KeepassXC does not have. Keepass can use a cloud drive to sync multiple devices whereas Bitwarden requires a self hosted instance to sync. Personally I would rather trust my own hosted instance over that of a cloud provider. But that all depends on your threat model and who you’re willing to trust. Having used both I personally prefer self hosted Bitwarden.
I suppose you didn’t try or know that KeePass also has web clients, https://github.com/lgg/awesome-keepass#web-clients
Never tried them, I still think it’s safer to self-host the vault file on my own hosting cloud with some extra paranoid encryption just to be sure it’s safe even if my self-cloud hosting is hacked. But I am just scared to lose this one day and I not be able to log into my services anymore. 🤣
I know people Bitwarden and seems cool, but I don’t see the need for it.
I know they exist. I think you’re missing what I’m saying.
Bitwarden is fully free and self hostable. That is how I use it. Bitwarden needs a self hosted webserver. KeePass can use only a cloud provider or self hosted cloud storage and also set up a web vault.
With Bitwarden, if you don’t want that hassle you can use their webvault they host. You cannot do that with keepass. That is what costs the $10/year.
Point is, both are good software that do things a bit differently. I liked KeePass, but I found Bitwarden to do what I wanted better, which was easily sync my passwords across devices without the hassle of self hosting something like Nextcloud. A quick docker container and I’m good.
Maybe some people are fine with keepass and something like Dropbox for sync. And maybe others don’t want to use a public cloud server but also don’t know how or want to host their own instance of a a password manager or cloud server. So they can use something like Bitwarden’s webvault instead, which is free except for TOTP.
Well, I still don’t see the difference, you can run Nextcloud with docker too, with many more tools than just sync folders, even with encrypted data it is still sync to others devices. About Android, I don’t even remember to charge the battery (that’s why I don’t use it for 2FA, many times it is off and battery empty), and I don’t use it unless I need to drive (for GPS + Music, and de-googled), if I need any password on my Android I use KDEConnect to copy-paste logins, so I keep my secret vaults away from smartphone. I don’t think smartphones are that safe to use and store all my passwords.
EDIT: Ok, I can understand people that don’t know how to set up their own services could find that Bitwarden easier. $10/year is very cheap.