Hacker News new | ask | show | jobs
by SamDc73 44 days ago
Bitwarden have in my opinion is one of the BEST business models a user can ask for.

It's open-source, and I can self-host (100% free) and the free version is really, really good too, and then a premium version is $20/year which is very reasonably priced.

Also for cloud hosted password manager, you're always going to have attacks no matter what, but at least they are transparent about it .. (unlike say LastPass, Norton LifeLock, Keeper and possibly others). For self-hosting it might be better security, solely because no one cares to attack it, but it's not going to be more secure form engineering best practices POV (but again I might be wrong .. I'm not a security engineer of any kind)
3 comments
lyu07282 44 days ago
I also don't really expect the self-hosted version to be a small self-contained go binary or something, they have millions of users their tech stack is going to be more complicated necessarily. But then vaultwarden exists too and is well maintained but is then somehow also inadequate. Who could possibly live up these unreasonable standards?
link
gdmka 40 days ago
>And the free version is really, really good too, and then a premium version is $20/year which is very reasonably priced.

I've been paying a flat $10 since 2022. Today, I got an email saying my renewal price goes up to $20 plus tax, which totals $25. The loyal member 25% discount just eliminates the tax for me.

Given that all I've used it for is password and login storage and TOTP all these years, I don't find a 200% price increase to be reasonable. I've cancelled the premium, I can run my TOTP somewhere else.

link
Flockster 44 days ago
As a now almost 15 year long user (crazy to think about) of 1password I am unsure what attacks do you mean? Did passwords get lost and it was not disclosed or what did you mean by the lack of transparency?
link
SamDc73 43 days ago
That is my bad; I was thinking of LastPass[1] where it took them months to fully disclose and explain a very serious breach of data.

1Password seem to have a good transparency track record (I edited the original comment)

[1] https://news.ycombinator.com/item?id=34097142

link