1. 1

    I like to use PasswordSafe. Free, open-source, and originally written by Bruce Schneier. There are compatible iOS and Android apps.

    It looks like bitwarden does not have a desktop implementation?

    1. 1

      There is not a true desktop implementation yet. It is in the plans. However, desktop usage can be satisfied with the browsers extensions currently.

    1. 4

      Hey all. I’m the main developer behind bitwarden and would love to answer any questions you guys have. As mentioned in the OP, be sure to check out the source of the entire bitwarden platform at https://github.com/bitwarden. I’ll monitor this post for questions/comments and follow up as best I can.

      1. 3

        Hi @xxkylexx, & welcome. Thank you for offering to answer questions.

        Your website also makes the claim that bitwarden is the “safest way to store and sync your passwords”. Why do you say so? What’s your threat model and how do you distinguish your service from any of the other cloud password services listed in the comments?

        edit: saw answer to my biz model question above

        1. 1

          Thanks for the question. The claim can be somewhat subjective and certainly is bias coming from me, however, bitwarden is distinguished from other password managers because it is entirely open source. This eliminates the security through obscurity problem and provides an open platform for review.

      1. 1

        Cool! I’ve been hoping for something like this. I mean, I love 1Password, but it ain’t cheap.

        The database is SQL Server.

        Welp, 1Password it is.

        1. 1

          The core DAL is written in a way that can very easily be swapped out to your database engine of choice. See https://github.com/bitwarden/core/issues/10

        1. 4

          I’d be 100% down with a peer to peer syncing solution, but considering they’re using azure to store everything centrally it makes me question how they intend to sustain this service and their longevity.

          1. 4

            bitwarden is currently sponsored by the Microsoft BizSpark program which covers many of our operation costs and allows us to offer services for free to our users. We are working on our monetization strategy which will introduce additional premium features in the future. For now though, everything is free for users.

            1. 2

              Let me know when you find that p2p solution!

              1. 4

                I use pass to manage my passwords, and instead of using the integrated Git support for syncing, I know I’ll get lazy and forget to commit and push at times, I use Syncthing to keep everything in sync across all my devices. Syncthing works very well for me, easy to install and configure and adding other devices is trivial to do.

                1. 1

                  Well, if you really trust the encryption, you could always use ipfs

                  1. 1

                    IPFS is great! I’ve used it to sync large files between my home and remote nodes from time to time.

                    If all you keep are website + password pairs (no username/login ID), then even if the encryption employed by IPFS is “broken”, the risk profile is still very low as any intermediary node that has a copy of your file will have no way of figuring out which user ID to pair with the password.