I wanted to be the first one to tell you: I’m incredibly proud to announce that we’ve partnered with Accel to help 1Password continue the amazing growth and success we’ve seen over the past 14 years. Accel will be investing USD$200 million for a minority stake in 1Password. Along with the investment – their largest initial investment in their 35-year history – Accel brings the experience and expertise we need to grow further and faster.
I use 1Password, and I’m deeply skeptical of venture capital investments like these. 1Password has been profitable since its founding, so this investment is not a make-or-break kind of thing, which makes me worried about the future. Password managers require a lot of trust from their users, and trust is not something I give to venture capitalists.
I use the Bitwarden_rs docker container to host my own.
I did the same thing about a year ago. To add more details on the setup:
– Bitwarden is open source and the code is available on GitHub
– Bitwarden_rs is a Rust implementation of the official Bitwarden server
– I setup a free Google Cloud VM instance with the Bitwarden_rs docker container installed and added LetsEncrypt for SSL (I still have an issue with triggering the Bitwarden_rs to reload when the SSL certificate is updated — so I simply do a cron to restart the container once a week (definitely “cheating” but seems to work well)
– I wrote a small script to pull the database and related files to backup to a secondary location. With my setup, I am up-to-date to the day (could backup more frequently but no need) and can regenerate the entire server in a few minutes once restored from the backup.
Overall I have been very happy with the setup. A long duration LastPass outage last year was the final straw (prior to this I was cautious with the LogMeIn acquisition) to find a better solution. Being in control of the server side and knowing how the client apps function during server outages (and not to mention, being able to spin up a new server really quick) has been huge (LastPass claimed access to my vault during a server outage — clearly was not the case for hundreds of thousands of users).
I switched (from LastPass) to EnPass https://www.enpass.io/ ages ago. AES256 encrypted on the endpoints (so nobody can decrypt without your passphrase, even adversaries with practical quantum computers unless someone comes up with a better brute-force attack than Grover’s algorithm), store the encrypted blob wherever you want (local filesystem, various cloud services including one you’ve set up yourself, etc.), etc.
Also, the mobile app is a one-time payment. Desktop use is free.
I’m with LastPass, but I was thinking about moving to a FLOSS password manager, maybe Bitwarden?
https://bitwarden.com/
Any of you have some feedback?
Read the comments above yours. For personal use the community unofficial rust version is much easier to set up, and much lighter on resources The clients work with it fine.
Bitwarden is nice. I’ve been using it for a while, and it work well. It even integrates with iOS to provide passwords.
I use Safe+ on my iPhone and Mac – it synchronises using Wifi (no cloud) and there is no subscription!