Privacy

49094 readers

716 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

423

Quiet Changes in Bitwarden (itsfoss.com)

submitted 2 days ago by liverstealer@lemmy.zip to c/privacy@lemmy.ml

118 comments fedilink hide all child comments

I have been using Bitwarden for around 7~ years. Subscription for this long too, at 10USD p/year. I will be switching due to lack of transparency, and would love to hear others thoughts on this.

The linked article goes into further detail, but here is a small summary that very much concern me / are sus:

that 10USD per year has gone up quietly . I just checked and I have no email telling me it's increased. It renews in like 2 months, so this is good timing for me
Originally Bitwarden had values as apart of the acronym "GRIT". Gratitude, Responsibility, Inclusion, and Transparency. They have changed the last two words to "Innovation, Trust"
There is now a new CEO, this was not announced and the only reason people outside of Bitwarden know is that someone saw this change on LinkedIn
The free tier momentarily disappeared from their product page for about a month (april14-may14). People were likely still able to make free accounts during this period. Bitwarden says it was a marketing mistake

The price hike is one thing, but for me the acronym change is most concerning, which is why I will be looking at another password manger (probably keepassxc)

you are viewing a single comment's thread
view the rest of the comments

[–] Allero@lemmy.today 53 points 1 day ago* (last edited 1 day ago) (3 children)

If you or someone you trust happen to have a home server, just install Vaultwarden, which is the community fork of Bitwarden without any fees, shady stuff or reliance on Bitwarden infrastructure.

[–] BlushedPotatoPlayers@sopuli.xyz 1 points 9 hours ago (2 children)

How do you use it on mobile? I didn't find an app version

[–] Allero@lemmy.today 1 points 3 hours ago

Use the Bitwarden app, it is compatible. Under the email field, choose a custom server and set it up there.

[–] bitwolf@sh.itjust.works 3 points 7 hours ago

You use the normal Bitwarden app and point it to your server

[–] KairuByte@lemmy.dbzer0.com 4 points 14 hours ago (2 children)

I know this options exists, but honestly I don’t think I have reliable enough infrastructure. It’s hardly ever offline, but my backup game is super weak, and I have had to rebuild from scratch once in the past three years.

What happens if I fuck up again and have to rebuild? Just feels like a massive potential failure point.

[–] Allero@lemmy.today 1 points 3 hours ago* (last edited 3 hours ago)

Bitwarden app is fully compatible with Vaultwarden and stores copies of all your passwords for offline access, so as long as you have access to the app somewhere, you'll have them.

Also, Bitwarden can export your passwords as a file in several formats, readable by Bitwarden, KeePassXC etc. You can have that stored somewhere safe.

[–] Auli@lemmy.ca 3 points 12 hours ago

Your backup is all your clients. Every client has a blob. If you loose it export and then import. That is if everything else fails.

[–] zebidiah@lemmy.ca 42 points 1 day ago* (last edited 1 day ago) (1 children)

If you look real close side by side there is a subtle difference....

Suuuper easy to stand up, took me about 20 minutes to get it up and running

[–] trilobite@lemmy.ml 2 points 1 day ago (1 children)

Well, when u say supereasy to set up, i don't know. The need for reverse proxy was driving me nuts. For someone that doesn't expose anything to the outside world, the need for a reverse proxy is overkill in my opinion. But i did hive up fairly easily, so i'll have another go in the future when i have time. For now my Syncthing + Keepass setup will have to do but i do find its not 100% robust. If i have keepass open on both mobile and laptop, i'm at risk of loosing changes. If the change is made on one device and i close after change, i won't see the change until i close keepass on the other device. But by then syncthing thinks that the latter is the most recent change and marks the file of first device as conflict file. So the chsnge is not lost but its not in the most "recent" version of the database.

[–] Jason2357@lemmy.ca 1 points 9 hours ago

If you have several, it really is convenient to set up an internal reverse proxy for all your internal-only services. One place to set up let's encrypt and set up subdomains or different paths for the different services. No need for URLs with different port numbers or IP addresses.