One downside is that i’ll have no more passkeys. The vault syncing, i can do via SyncThing.
Yikes I need to get off lastpass. I’m paying for it too, since years ago they made it so you had to pay to use it on multiple devices.
I have used KeePassXC for years. I also use Syncthing which syncs files via my wifi for all devices, including KeePass.
Yes, me too. This also solves 2 problems in 1 shot, since I often want to sync / backup other contents between devices too, so it’s perfect, specially for those of us with a NAS at home.
It really depend on your threat model, Proton Pass is fine. Of course a self-hosted or local solution will be more privacy friendly but at the cost of being responsable for security and good backups (3,2 1 rule).
There is no black or white regarding privacy. You want to ask yourself what you want to protect from and is the investment worth being sovereign ?
Wdym by “threat model” ?
Why not Bitwarden?
how is it better?
Look I love fully offline concepts just as much as the next person. But what Bitwarden offers me that those other solutions don’t, is to offload some of the mental load long-term. I like privacy but something are exhausting. Pick and choose your battles.
Less hands on maintenance and mental overhead to keep things synced and all services / files up to date. We bitwarden users have other stuff to do. Different priorities.
This is one of the things I decided to keep to the people who do this far more and deeper than I ever could. Their job. Their liability.
All my accounts are encrypted, cloud accessible, or offline accessible. Protected by a giant hash of a master password. It allows me to feel safe and provides the convenience of copy and pasting insane credentials needed in today’s times. Hassle free. Great features. The end.
*potentially even under free account if you choose.
oh, i was expecting bitwarden to be self hosted too. as long as they are trustworthy, i guess it is convenient to be able to pay to get this stuff done for you.
Here’s the beauty. You can self host it. They give you the option to choose your method. You don’t have to pay they offer free accounts.
so kinda like nextcloud, cool.
I think I’ve done the opposite of most. After using keepassx for the last 4 or 5 years I switched to ProtonPass.
I value security and privacy but Ive realized some of my processes have become too complex, like using syncthing to keep my keepass on my phone and PC aligned. I’m not confident that older man version of me will be able to keep up so Ive stared valuing simplicity.
Im sure many will argue that it is simple but between backups and keys and passwords it really is a lot, especially with a new device each time.
I think I’ve done the opposite of most. After using keepassx for the last 4 or 5 years I switched to ProtonPass.
Me three.
Me four.
I also realised that the attack surface is much greater with my approach with KeePass compared to simply paying a company whose primary mission is to keep my secrets secret.
It helps that I’m just a regular paranoid bloke and not a secret agent or something like that.
I like KeepAss.
I know it’s not your question, but have you checked out Bitwarden or the alternative Selfhosted Vaultwarden. Bitwarden supports passkeys and vault syncing, and if you are offline you can still access your vault.
https://bitwarden.com/passwordless-passkeys/
Bitwarden also released a AIO selfhosted docker image, but last I checked it’s still not in “official release” status.
Ooh an AIO docker image you say? I may have to look into that.
Its called Bitwarden Unified. Its still in beta at the moment. I have been running this along side Vaultwarden myself.
I use KeepassXC on my computer and Keepass2Android on my phone. Passkeys work fine and are synchronized across my Synology.
Same here, it works well, and the Firefox plugin works well for auto fill, too.
Just make sure KeepassXC is set to Automatically save after every change & Automatically reload the database when modified externally, on the General > Basic Settings screen.
I think proton is the most blocked by governments group of services in the entire world. To have a backup in .kbdx file sounds at least like a good idea.
Doesn’t keypass support passkeys?
As you can see from the thread, this question is divided amongst the cult of “sensible privacy is a thing provided you’re not a criminal” to the cult of “everybody’s on a FEMA/🧊 spreadsheet and they’re working their way down”.
I’d say make sure you use a separate password for proton pass, it’s an advanced option. You are far more likely to get hacked for your money and password manager goes 97% of the way to defeating those attacks.
Don’t take your eye off the ball. The real threats to your wallet have always been the shareholders.
AFAIK, no; keepass does NOT support passkeys. TOTP’s are still fine though.
Sorry, I was thinking of keepasssXC which does have passkey support
Any specific reason that makes Proton Pass less secure? I am curious since I am using both pass and bitwarden at the moment. bitwarden for all my logins and pass for alias + their logins.
