by chipotle_coyote 37 days ago
Actually, the part of the article that made me prick my ears up was this paragraph:

> In February, longtime CEO Michael Crandell moved to an advisory role, according to LinkedIn, with no announcement from the company. His replacement, Michael Sullivan, former CEO of both Acquia and Insightsoftware, touts his experience with “all facets of mergers and acquisitions” on his own LinkedIn page, including experience working with leading private equity firms.

In combination with downplaying the free plan and removing any hint of now politically unfashionable DEI-like language, what this screams to me is: Bitwarden is being prepped for a sale.

7 comments

This feels like deja-vu with Lastpass.

LogMeIn buys Lastpass, multiple massive breaches occur[, people move to Bitwarden].

Did Lastpass have a project like Vaultwarden behind it at the time? I'm hoping against hope that that will keep us with an open vault.
vaultwarden is great, but password managers are security critical software that need consistent maintenance and constant updates.

if bitwarden is acquired and the new owner decides an open source version of their product is not a business necessity, without someone actively supporting the salaries of engineers it’s unlikely to continue to be secure for much longer.

> vaultwarden is great, but password managers are security critical software that need consistent maintenance and constant updates.

You’re acting like this isn’t the case already with vaultwarden? (and it’s easier to host as well, making for easier updates) https://github.com/dani-garcia/vaultwarden/releases

Is it possible that you are assuming they are referring only to Vaultwarden itself? Half of the equation is a server component compatible with every app produced by a company, the other is every app that is produced by a company. If the company decides to stop being compatible (by changing their own communication), what are you left with besides the built-in web interface and a handful of “maybe-compatible, maybe-secure” apps?

Security updates aren’t just about the vault. What does having a fancy locking system mean if the moment you open the door everyone can just walk in?

Most people just want a product to do what it says from all their devices, and don’t care about any of this stuff. As such, they are more inclined to simply move to yet another least-friction mature ecosystem.

Vaultwarden as an alternative is a bit like suggesting a third-cousin who homebrews beer in a trash can knows a viable alternative as a nationwide replacement for Budweiser, because they both happen to use the same shape of bottles. I’m sure some family and friends might go along, but everyone else is just going to pick a new common brand that is similar to what they had, not start brewing their own beer. Some will…for a while.

The best thing about self-hosting your password vault is that you can be naive about how many times it has been compromised without detection.

(I’m not against self-hosting things — I’m against acting like it is a realistic alternative for average people who almost never have the skills to implement it securely.)

But since it's already open source and popular among tech savvy people, they have to weigh any attempts at increasing profits against the risk of losing customers to a fork.
They will make the wrong decision.
The issue is that a huge amount of value is tied up in the client applications, which do not have community-maintained equivalents.
Well the first thing they can do is block access to self hosted servers in the official app. And they could petition Google to not allow clones in the play store. Together with Google's sideloading harassment that will make it much harder to use vaultwarden.
Well, it was nice while it lasted.
I use bitwarden, but it not being able to share a single secret is becoming an issue.

In my search for alternatives I stumbled across https://passbolt.com/ AGPLv3 and does support sharing single secrets, but no free hosted version. Free if you self host of course.

I guess it's a vaultwarden without "the man in Nebraska" problem.

A free hosted version pretty much just looks like prep for a rug pull to me.
Looks promising. But no hosted offers for individuals as far as I can see.
Hardly.

I wanted to like it, but didn’t.

What do you prefer?
Firefox Sync.

On iPhone, Firefox Mobile can work as a password manager.

I'd like something that is easier to self-host, and isn't tied to Firefox.

But my botched migration to Bitwarden has left me looking for something that works better; in the meantime, I'm staying with Firefox + Firefox Sync. I use another browser on iPhone, since Firefox Mobile has memory problems with many tabs. (The problem was there for years, got fixed, and reoccurred.)

This is what made me and others nervous when they announced a huge investment into the company a few years ago. It was already a good and self-sustaining product, and taking on that investment was just going to create an expectation of returns later down the line, something that was more likely to result in enshittification.
When did they remove DEI language?

And how is that relevant, either way?

It's relevant because it was ostensibly a value of Bitwarden's at some point, but they've thrown it under the bus now that they're looking for a buyer.
To get approval for a merger under the current US admin, a company needs to show ideological purity.
yay for kowtowing to fascism to make a quick buck. the capitalist machine continues to show indifference to our suffering
Well that's a shame. I've been paying for years now, very happy in general.

What do people recommend? I'm on Linux/Firefox/android and don't want to self host.

urgh of course it has to be private equity. Really liked the product and did not mind paying for it...but not ready for the PE enshittification.
I knew something was wrong when they started showing a popup on the web vault asking you to subscribe, every time you open it.

Enshittification incoming.