Pretty new here - password manager advice needed

Zenith39

So I’m migrating from the Apple ecosystem to GOs as well as NixOS on my notebook. These will likely be the two devices I’m going to be using. I’ve also got a couple Yubikey 5 usbCs. I think I’ve narrowed my choice down for a password management solution between Bitwarden and keepassXD/XC using syncthing probably to sync the database… I use it already for my Obsidian notes vault. I’ve got Bitwarden installed and trying it out, but I think you have to subscribe for the Yubikey integration of I remember right. Any input is appreciated. Thank you all!

spiral

Zenith39

Regarding keePass/syncthing, be very certain that you understand the risks and responsibilities associated with locally managing your own password vault.

For most people, using a cloud-based solution such as Bitwarden with a proper password is the best bet.

If you do choose to go the local route, please consider committing the vault database to an extensive testing phase before allowing any unique passwords to reside in it. You ought to be certain that you understand how keePass/syncthing works, what the process' idiosyncrasies are, before you risk losing access to (for example) email accounts. Gmail, as an example, can be very difficult and even impossible to regain access to if you lose the password, EVEN with the 2FA backup codes correctly saved.

N1b

Zenith39 Bitwarden and KeepassXD are both solid choices and it comes down to preferences (convenience vs extra security if done correctly). If you want to make sure that any heirs have access to your accounts in case of you dying unexpectedly, Bitwarden Emergency Access is a really nice and unique feature since you don't have to trust anyone with your master password. That's why I chose and stuck with Bitwarden.

Relaks

Zenith39 I’ve got Bitwarden installed and trying it out, but I think you have to subscribe for the Yubikey integration

Not anymore. https://bitwarden.com/blog/fido2-webauthn-2fa-in-all-bitwarden-plans/

I use 1Password and prefer it over Bitwarden, because of several features I find helpful, as well as added "peace of mind" by having the online vault encrypted with a random "secret key" in addition to a password. But my needs include online sync. If you want to self-host, either Bitwarden or KeepassXC I can recommend.

spyhoodle

I use Password Store, it's the best on Linux since it uses just your GPG keys which can be on the yubikey itself, and it's really simple and easy, but the android support is rather lacking, especially since it lacks the yubikey integration. Keepass is the best and most secure unless you host your own vaultwarden (bitwarden server.) - Although I have not used either so I don't know about the support of yubikeys on android

Also - Nice use of NixOS :) If you've just switched I could give you help if you need

Zenith39

spyhoodle ohh thanks! I might take you up on that, still pretty new to it, but so far it’s been really nice. My first go at Linux in maybe a decade or so with the exception of playing with Qubes for a little bit a few years ago then trying again a month or so ago before deciding it was too much work and seeing some great stuff about NixOS on YouTube. So far I’m enjoying it though I’m pretty sure I need to reinstall to get Luks encryption on the boot drive which I’m not looking forward to.

Skyway

I use and like bitwarden but you have to pay to use yubikey .

[deleted]

Skyway webauthn with bitwarden is free

lambd

Still a new software but I like the Proton ecosystem so I am using Proton Pass (https://proton.me/blog/proton-pass-launch?ref=instantsearch).

E24

I use bitwarden on the free tier and it works great for me. KeeyPassDX is technically more secure since it's offline but I like being able to use botwardwn across all my devices and stuff

Skyway

[deleted] ah , this wasn't available when I set up my 2fa . good to know !

DeletedUser115

I use both Bitwarden and KeePassXC/DX. Bitwarden is easier to use / fool proof since it does the syncing for you. I still use KeePass for anything sensitive and never store a copy in the cloud, just distribute copies in multiple physical locations.

Both are good, just depends on what your requirements are.