Thing is, a large percentage of internet-connected users might have two or more devices. The simplicity offered by a cloud (be it hosted or selfhosted) password manager is a huge benefit.
And unless you’re already running a syncthing-like service for something else, setting it up just for a password manager when other services provide it out of the box, is not worth the hassle usually.
I use one for work and the other for personal. They are both great, with slightly different convenience/security tradeoffs imo. Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
Edit: part of what you’re paying for with BW is first-class native apps
(Edit - I misread as Bitwarden and went off on the wrong tangent. Vaultwarden is not centralized, and it’s FOSS - my bad.)
The person you’re replying to already gave you one: it’s free.
Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.
Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.
My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.
20$/year is still cheap compared to other password managers, but yeah, the lack of transparency is worrying.
Keepass is free?
So is BitWarden if you self-hosted. The price increase is for a hosted service which Keepass does not provide.
Thing is, a large percentage of internet-connected users might have two or more devices. The simplicity offered by a cloud (be it hosted or selfhosted) password manager is a huge benefit.
And unless you’re already running a syncthing-like service for something else, setting it up just for a password manager when other services provide it out of the box, is not worth the hassle usually.
IMO Keepass and Bitwarden aren’t exactly the same, as the latter has cross-device sync built-in.
I use one for work and the other for personal. They are both great, with slightly different convenience/security tradeoffs imo. Big fan of both, don’t know why it has to be one or the other for an OSS credentials manager
Edit: part of what you’re paying for with BW is first-class native apps
20 bucks are kind of a reason tho?
Can always self-host.
I can’t think of a reason to choose Keepass over Vaultwarden.
(Edit - I misread as Bitwarden and went off on the wrong tangent. Vaultwarden is not centralized, and it’s FOSS - my bad.)
The person you’re replying to already gave you one: it’s free.Second: its not a prime target for attack like centralized, hosted webservices are. See: LastPass being cracked and people’s login data stolen… Twice.Yes, it is cryptographically superior to LastPass, and attempts to design around their flaws - but the threat still exists because its a very tasty target on the open internet for cybercrime.My little Keepass DB synched over personal VPN by Syncthing? Much harder to find a vector for attack. But it does require more moving parts and maintenance.Each have their pros and cons.I think you misread. Lastweakness was talking about Vaultwarden which is a 100% FOSS reimplementation of bitwarden that you self host.
Vaultwarden is open source: https://github.com/dani-garcia/vaultwarden