this post was submitted on 14 Jul 2023
510 points (97.6% liked)

Asklemmy

43908 readers
1311 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 173 points 1 year ago (3 children)

Bitwarden is one I use several times a day. They do have a support plan for like $10 a year that gives a couple extra features like TOTP support, but the base level is incredibly robust. It’s open source, too. I know a lot of folks also host their own servers with Vaultwarden, but that’s a little beyond my skill level.

[–] [email protected] 31 points 1 year ago (6 children)

I pay for it just because it's cheap and to support them

[–] [email protected] 16 points 1 year ago

Same, the free tier is so good that I'm paying to make sure it stays free.

[–] [email protected] 8 points 1 year ago (1 children)

I pay for it just because it's cheap and to support them

I did this too when it first came out, and then the product became robust enough that I recommended we implement it at work because secrets management was non-existent. We have a bunch of licenses on the Enterprise plan now and it just keeps getting better each update.

My only complaint is that migrating the data to a new server is a pain in the ass and never works correctly, even when following the migration instructions to the letter. Always have to open a ticket with them for that. Not enough of a pain to move to another product, though.

I also still pay for my personal plan. It really is a fantastic product.

[–] [email protected] 1 points 1 year ago (2 children)

Why not just let them host it?

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Because we have some contracts that stipulate any data related to the project, including secrets/credentials, must remain on-site, and in some cases, on an air-gapped network. Doesn't make sense to spin up something else to manage those secrets when Bitwarden can do it all and satisfy the requirements of those contracts.

[–] [email protected] 2 points 1 year ago

Ahh figured it'd be something like that.

[–] [email protected] 1 points 1 year ago (1 children)

Pretty uncommon to host company credentials via 3rd party as policy. It wouldn't even be legal under national law for my field of work for example.

[–] [email protected] 1 points 1 year ago

Obviously situations are different but the majority of standard businesses will let bitwarden host. In fact, I'd put more trust in bitwarden than than most self hosting teams.

[–] [email protected] 2 points 1 year ago

Great I do the same too!

[–] [email protected] 1 points 1 year ago

I use the business plan to seperate personal and business but the sharing features are also great.

[–] [email protected] 1 points 1 year ago

It’s so cheap! The value for the price is astounding.

[–] [email protected] 9 points 1 year ago (1 children)

I just recently started using their totp function and I can't believe I didn't switch sooner. Just the fact alone that it automatically copies the code to your clipboard is such a Time saver not having to open up a separate app.

[–] [email protected] 2 points 1 year ago (3 children)

It's a wild time saver. I can’t believe other folks go to a whole separate app for their codes! Hitting Ctrl+L to autofill passwords and user names then Ctrl+V for TOTP feels like a hack when I watch other people struggle with their other solutions.

[–] [email protected] 6 points 1 year ago (1 children)

I use a separate app for my codes, if someone somehow gains access to my Bitwarden if they have TOTP as wellcthrn they have all my accounts. With my TOTP in another app they still can't access them.

[–] [email protected] 2 points 1 year ago (2 children)
[–] [email protected] 1 points 1 year ago

Not OP but, consider using something like a YubiKey or similar hardware key for your second factor authentication.

They usually support multiple protocols so you only need to carry one around - and storing your second factor with your passwords is like putting all your eggs in one basket.

Print out recovery codes or get an ekstra hardware key for backup and you get great security for surprisingly little effort.

[–] [email protected] 1 points 1 year ago

Personally I like Microsoft Auth. It just works well for 365

[–] [email protected] 3 points 1 year ago

Right! I was using Authy so I didn't have to grab my phone every time, but even that was still having to open the Authy app and wait for it to load, copy+paste. But using the keyboard shortcuts for Bitwarden is just so fast. Like you said, feels like a hack. It even auto copies on Android and with the autofill, makes it so easy.

[–] [email protected] 2 points 1 year ago

I use keepassxc which autofills. Then 2fsa has an addon that auto adds the code. I'm in in under 10 seconds. I dread the idea of keeping my passwords and TOTP in the same vault.