by ggm 2470 days ago
I have used 1password. I only moved to Bitwarden because I decided that if the PM was going to demand cloud backing I might as well pay cloud cost to an open-source entity. 1password is faster.

I used to use rsync (bittorrent-sync) to keep my own hosts up to date against each other. This was painful to manage so I accepted the bitwarden cloud model.

The risks are there, for sure. If you doubt the crypto behind your keystore, where it is should worry you little, because how insecure it is should not be about where it is: it's about how it's shrouded, and how what is shrouded can be revealed.

My belief in the shroud protecting my secrets is my belief in their ability to code to the spec. It wasn't founded in my use of a private filestore to back the keystore, although I did, and I prefer private files, to private cloud files, to cloud files hosted by some intermediary, to public cloud.

Bitwarden is a private cloud file, hosted by some intermediary. The risk here is twofold: the intermediary is broken and its persisting filestore is readable, and bitwarden is broken and its interior private view becomes visible.

My best belief is that no part of my interactions depends on bitwarden knowing the interior state of my keys; they only handle shrouded data, and either I run apps which decode locally, or I run javascript which decodes locally, but I do not expect or believe any transit of the un-shrouded state of my data routinely has to flow through their hands. And the persistence of that belief is because they say the limits to how they can help recover my keystore, if I lose critical information. If they are truthful here, they cannot help me if I lose the escrow passphrase, because nothing they hold is the decrypt of my shroud. I have to give permission to de-shroud their side, the protecting key. It's otherwise only used locally to me. (If somebody breaks the .js code, then the filestore being in the cloud is irrelevant.)

1Password made the same kinds of commitment to me. As do LastPass and a number of other people. They all have to be comparable in this regard because it's the fundamental business model.

At one stage, there was some leakage in the model for some keystores. The file names unnecessarily encoded revealing parts of the URLs they related to. I think that's changed now. It was scary. I had assumed everything was shrouded; it turned out that for some period of time, only passwords and identity inside the URL had been fully protected. They changed that. I think it was 1password, it might have been lastpass. It wasn't bitwarden because I moved to them earlier this year and that was 2-3 years ago or more.

If I have misunderstood and sometimes my data is visible to them in clear, on their machines, I'd love to know.

1 comment

1password can still be run locally w/o use of cloud backing. That is the only way I have ever used it actually.