[jobu]

LastPass was great for almost 10 years until LogMeIn bought them and they've been messing around with the business model and pricing ever since. I paid $12/year for several years to get mobile access. Then after they were bought I was somehow automatically upgraded to their premium plan for $36/yr. They had given notice but it went into my Promotions inbox and it was months before I realized it. Every year since they've tried different pricing models and it's been frustrating to keep up with.

I had been planning on switching over to Bitwarden in a couple months when my current LastPass subscription runs out, but I just found out that LogMeIn is spinning them off into a separate company again - https://www.zdnet.com/article/logmein-announces-plan-to-spin...

[gen220]

Trusting a company with your most valuable long-term data (passwords, medical/family records, etc.) is a losing game on a long enough time horizon (5 years, let alone 15 or 25).

You can arbitrage by trying to choose more than one. But IMO, the most robust solution is to make your data "dumb" and commoditize the storage layer.

With something like pass, I have my passwords physically located on all my devices, encrypted at-rest. Plus, I have a backup on a home server that can be regularly backed up to any commodity storage provider (backblaze, aws, whatever).

With this, you'd need to both lose (1) all your devices (2) internet access to those devices. This kind of thing is a bit predictable, and can be mitigated.

With a managed secret-manager service, mere corporate shenanigans or internet connectivity problems can take them away from you! Those are less predictable, and the only mitigation is to move to a service that doesn't have these problems.

[Isthatablackgsd]

> They had given notice but it went into my Promotions inbox and it was months before I realized it.

That's why I have them disabled in my gmail accounts, I have several missed important emails because they landed in the wrong section. I disabled them in my work email too. My boss keep it on and it causes my boss issues with missing RFQ and requests.

I went with Keepass, it is free, open source, cross-platform. Been using Keepass for 10 years. I control my data and my file, so I don't need to worry about potential data breach which several other SaaS password management failed to keep it secure. My keepass database (vault) resides in my OneDrive and synced across all of my devices that have Keepass. And I like Keepass will generate a backup of the database before saving the entry in case of corruption. It happened to me once 5 years ago and it was in Dropbox storage that time, somehow Dropbox failed to sync the change and ended up corrupting the synced vault across of my devices. I have 260+ entries in my keepass.

Neat thing about Keepass, it can check haveibeenpwned.com and compare the password in my vault. It generated a list of password that need to be changed.

[cobertos]

This is why I switched to Vaultwarden. The migration was at least simple (self-host server, export LastPass, import to BitWarden) and now I can save TOTP too. And syncing works better.