I’ve been using Bitwarden for a little more than a month and it is by far the best password manager I used. And being open source is a very nice bonus. I’m going for the paid option to support the company behind it.
It does have a decent browser integration, OTP support, history support (last 5 passwords), support for arbitrary additional data and icons.
Having not read the source code, or investigated the details, my understanding is the sync is entry based over file based. On multiple occasions I lost data to KeePass's insane lack of sync functionality, I've never once done the same with Bitwarden. Google Drive sync is kind of moot as the sync happens on a server (which you can run yourself).
> my understanding is the sync is entry based over file based
> Google drive sync is kind of moot as the sync happens on a server
Confused, so are you saying there is a server that does entry-based syncing? With KeePass, it's the KeePass client that resolves conflicts at the entry level with whatever is on Google Drive (which it connects to via plugins).
Apologies, I spoke too quickly. I'm unable to edit my original post to fix it.
The sync is client side according to [0]. I can't find specifics in any documentation on whether it works at an entry or file level, however I wonder is that actually important? Just because you sync at a file granularity doesn't mean you can't resolve entries individually.
My experience with KeePass was that my changes would get stuck in a conflict file that Dropbox would generate if you happened to use KeePass in 2 places at once, as they don't support syncing and force you to manually go through [1] on every device.
I was using "syncing" and "resolving" synonymously. What I was distinguishing between was keeping the most recent file (which is what happens if you use typical cloud syncing for the whole database file) vs. the most recent entry in a given file (which is what you get when KeePass itself gets a chance to actually examine both versions and figure out conflicts internally).
I can't figure out how the KeePass (or the plugin you use, or whatever it is) was handling your Dropbox syncing; it sounds like it was doing a dumb file-level merge, when in fact it's capable of doing much better than that. I use the Google Sync Plugin which has never failed me, even when I'd modified databases on two clients independently before syncing. It uses the ImportUtil.Synchronize() function which I think is what handles the dirty details. See the Technical Details section here: https://keepass.info/help/v2/sync.html
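The distinction drawn in the comment above (keeping the most recent file versus the most recent version of each entry), as an added example that is not part of the thread and is not KeePass or Bitwarden code. The `Entry` model, the timestamps and the function names are assumptions, and deletions are not handled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    uuid: str
    title: str
    password: str
    modified: int  # last-modification time of this entry (constructed value)


def file_level_sync(db_a, mtime_a, db_b, mtime_b):
    """Keep whichever whole database file was saved last (typical cloud sync)."""
    return dict(db_a) if mtime_a >= mtime_b else dict(db_b)


def entry_level_sync(db_a, db_b):
    """Merge per entry: union of UUIDs, the newer copy of each entry wins."""
    merged = dict(db_a)
    for uuid, entry in db_b.items():
        current = merged.get(uuid)
        if current is None or entry.modified > current.modified:
            merged[uuid] = entry
    return merged


def build_sample():
    """Two clients edit the same base database without seeing each other."""
    base = {
        "u1": Entry("u1", "mail", "old-mail-pw", 100),
        "u2": Entry("u2", "bank", "bank-pw", 100),
    }
    laptop = dict(base)
    laptop["u1"] = Entry("u1", "mail", "new-mail-pw", 200)  # password rotated
    phone = dict(base)
    phone["u3"] = Entry("u3", "forum", "forum-pw", 300)  # new login created
    # File mtimes: the laptop saved at t=200, the phone at t=300.
    return laptop, 200, phone, 300


if __name__ == "__main__":
    laptop, t_laptop, phone, t_phone = build_sample()
    by_file = file_level_sync(laptop, t_laptop, phone, t_phone)
    by_entry = entry_level_sync(laptop, phone)
    # The file-level result silently reverts the rotated mail password.
    print("file-level :", by_file["u1"].password, sorted(by_file))
    print("entry-level:", by_entry["u1"].password, sorted(by_entry))
```
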
> What I was distinguishing between was keeping the most recent file vs. the most recent entry in a given file
Sure! (sorry, have finally had my morning coffee). I believe that Bitwarden handles it correctly via "live sync" [0], albeit it's been a transparent process to me. I've generated logins on my mobile, and logged into them within 30s via the browser extensions on my desktop PC.
> I can't figure out how the KeePass (or the plugin you use, or whatever it is) was handling your Dropbox syncing; it sounds like it was doing a dumb file-level merge
It was, and it was excruciating. However, this is one of the issues I have with KeePass - it may be possible to do better, but the default behaviour is abhorrent.
From the link you gave, it explicitly calls out the issue in "advanced" synchronisation schemes under "Local <-> Master" [1]. If you don't correctly follow the setup steps you can end up with [2] which can (and does) result in data loss. The (as far as I can tell) official forums seem to be happy to pass the buck [3] and say "Oh that's not our problem, that's the sync service's problem".
> I use the Google Sync Plugin which has never failed me
I don't doubt that for a minute, but for someone migrating from LastPass/OnePass to KeePass, searching for "How to sync keepass across machines" will _never_ point you to the Google Sync Plugin.
It has browser integration but it has a client-server model so there is nothing to sync with Google Drive or Dropbox. So it's more like LastPass than KeePass.
You can host your own server and there is at least one alternative server implementation.
Seconded. I used LastPass for probably 5 years, and moved to Bitwarden a few months ago. No regrets. It was a breeze to set up the Docker image, migrate my data, and the TOTP support works even better. It'd take a lot for me to consider another open source implementation.
When your vault is locked it won't offer to save or update passwords.
When your vault is locked it won't respond to the "fill login" shortcut. 1Password would have you enter your master password and then it would fill the login. Bitwarden just doesn't respond.
You can access your username/password from the main window but if your TOTP code expires before you log in you will have to go digging.
I moved to Bitwarden from 1Password. Use it on iOS. Can’t say I miss anything at all. I pay the yearly fee for it too to support them because it’s pretty damn awesome.
Any particular reason for leaving 1Password? I've been using it for almost a year now and haven't had any complaints. Though I literally did just switch from Android to iOS yesterday, so maybe I'll find a reason shortly :P
I paid for the desktop version of 1Password. When it went subscription based I was annoyed. Started hearing about Bitwarden and after trying it (after trying others) I really liked it. So I moved to it cos it was free. But I just got more impressed with it on iOS, Windows, and on Linux I always have Firefox open so I just use that. I decided to pay for a year to support their effort.
So no particular reason other than not liking the subscription plan of 1Password.
I too tried to like Bitwarden but have been disappointed. In the meantime I've made a basic Linux CLI for read-only access, seems to be sufficient for the time being: https://github.com/vinc3m1/1pa
Hmm. Not a great start - 'select all' on the Linux client selects all the page text, rather than the items, so there's no way to bulk edit. Doesn't engender much confidence.
[Edit: OK it turns out to be an Electron app, and a barely functional one at that]
In this particular case it's because I wanted to move all the items from a single imported 1Password vault (I have a few for different purposes) into a Bitwarden folder.
But more generally, when trying new software I tend to exercise its functionality as a first QA pass. There's a 'select all' entry in the Edit menu, and a keyboard shortcut, so it seems reasonable to try it. The failure isn't in itself a show stopper, but it's a mark against the app for me.
Folder organization makes sense. My guess is this shows up as a shortcut “for free” as a result of it being Electron based. I think the “native” client is the newest client Bitwarden offers and probably hasn’t gotten as much polish yet.
Yes, agree on the shortcut 'for free' aspect, but I'd consider expunging unused default menu items as part of a very basic pre-release checklist, rather than 'polish'. I don't share the frequently-expressed antipathy to Electron apps, but many are quite shoddy, which only adds to their poor reputation. I've seen commercial apps which (for example) replace their whole window contents with a dragged image.
I'll keep an eye on Bitwarden - I like the overall shape of the project, but it's not ready for me yet (had some problems with the Firefox extension also).
- Browser integration (a single key combo unlocking & filling in passwords)
- OTP support
- SSH agent and key storage
- Entry-level (rather than file-level) synchronization
- Google Drive synchronization
- Automatic history maintenance
- Storing arbitrary additional data
- Icons (makes identifying entries so much faster)