Każdemu komu rekomenduje założyć sejf w aplikacji #bitwarden od razu polecam kupić pendrivea za 20-30zł i robić szyfrowane kopie od czasu do czasu, a sam takich nie mam :D
Czas to zmienić! Kupiłem małego sandiska, utworzyłem szyfrowany kontener z pomoca #veracrypt i na niego zrzuciłem backup.
#Bitwarden Authenticator app! Finally an open-source alternative to #Authy. The app looks very nice and modern on Android. Can't wait for sync support.
Same API, same features, same UI, and support for other DBs than MSSQL.
One single stand-alone application vs. Bitwarden’s 10 Docker containers. 70MB of RAM vs. 2GB. 3MB of db storage vs. 300MB.
Why was a password manager supposed to take so many resources in the first place? Just because it runs on a Microsoft-only stack and on .NET’s inefficient VM? Just because somebody thought that it was a good idea to separate everything into different containers (even icons and 2fa are modeled as separate services in Bitwarden)?
It reminds me of my recent migration from Mastodon to Akkoma. I got more features, 5GB of RAM freed up and 300GB of storage freed up almost overnight.
Writing and running inefficient software that pointlessly consumes all the resources available on a machine should be a crime in a world with limited resources.
It makes me think of how much shitty bloated software like @bitwarden, probably based on awfully inefficient languages and frameworks like Java, Ruby on Rails and .NET, is running out there, pointlessly sucking up resources for doing simple jobs that could easily be done with 99% less resources.
Today’s developers, spoiled by IDEs, powerful machines, docker-compose and shortsighted “just throw more RAM at the problem” approaches, have forgotten how to write efficient software. Time for them to learn how to write good efficient software again. Software doesn’t eat the world. Only shitty software built on shitty framework does.
@davidculley my experience with Ruby on Rails application mostly involves running both Mastodon and Gitlab on my servers.
In both the cases, what I’ve noticed is that it’s not the language itself that is slow and heavy (Ruby’s weight is comparable to that of e.g. Python), but Sidekiq.
Sidekiq is the standard framework used by Ruby on Rails application to schedule and run asynchronous jobs (processes, threads…), kind of akin to what php-fpm does for PHP.
In my experience, it’s hard to configure properly, and when not configured properly it ends up with endless pools of active jobs doing all kind of things and sucking up all resources you give to them.
Making progress with #BitRitter. Slow, but steady.
Today i implemented a password input to unlock the #BitWarden / #VaultWarden vault, so we can soon remove a part of the credentials.toml (which was just a workaround for faster testing) and make the app safer. #Relm4 feels nicer the more i get to work with it.
Sadly my ARM CI did not work as nicely as the x86, so i can't package for my phone easily.
Installed #Vaultwarden. Will have to tinker with this later to see if it's worth moving my vault to a self-hosted instance instead of directly with #Bitwarden
@motoridersd I made the switch a few months back. Bitwarden’s apps/extensions aren’t as polished as 1pass, but I’ve had 0 issues with Vaultwarden. Happy with the switch, especially with 1pass’s change to subscription hosted only model.
I highly recommend BitWarden as a password manager. It is free, open source, and has a great range of apps and APIs. The one thing it doesn't have is a way to sort your accounts by creation date. I now have over a thousand accounts that I've added - so I wanted to prune away […]
<blockquote>Delete the file as soon as you are done with it.</blockquote>
I would suggest using <code><a href="[https://en.wikipedia.org/wiki/shred_(Unix)](https://en.wikipedia.org/wiki/shred_(Unix))">shred</a> -un 9 filename.json</code> if you're on a Mac or another Unix-like system. <a href="<https://gitforwindows.org/>">Git Bash</a> also comes with <code>shred</code> for Windows users.
@Edent I have a similar quandary; just over 750 passwords. I think that someday it might be worth auditing them and deleting the ones for websites that no longer exist, and deleting the unused accounts from websites that do still exist, but it is a lot of work to commit to all at once. Probably one of those things that makes sense to put 10 minutes aside for here and there.
@Edent there are some examples in the thread you linked that use the bitwarden cli and jq to do it. It saves having to write the unencrypted file to disk and if you filter the output fields you can avoid showing the passwords on screen too. So I’ll use something like
So the reason I am moving away from my beloved #Bitwarden password manager is because of Proton Pass. Which happens to work well with Proton Mail, Proton Calendar and Proton Drive. You see, it's a suite of non-Google apps that is focused on privacy and encryption (you can use Proton Pass separately and for FREE)
And yes, it's a tedious process of moving to a better product. One that is focused on protecting vs. exploiting. I'm being patient and moving forward. #passwordmanager#password#Encryption#proton#ProtonPass
I should mention that if you are using any reputable PW manager, GOOD ON YOU. (And if it happens to be Bitwarden, props!)
Let me know what works for you and why.
Come già annunciato da diversi mesi i servizi #bitwarden per la gestione delle password ed #etherpad per la #scritturacollaborativa sono migrati alle 24 del 24/1/24 e sono ora disponibili qua:
:bitwarden: https://vaultwarden.devol.it
è sostanzialmente lo stesso software open source compatibile al 100% con bitwarden, il progetto è stato rinominato dallo sviluppatore.
As a developer the biggest irritation I have with #1Password is that it doesn't take ports into account when displaying suggested logins; so logins saved for localhost:1234 will also be displayed for localhost:9876.
I mentioned it on the birdsite a while ago and they responded saying such a feature would be useful but it never materialised.
Thinking about moving to #bitwarden but initial testing shows the same limitation - unless there is a setting somewhere.
@Sandrew - I was looking in the options displayed in the browser extension and couldn't see anything. Found it now in the main portal and using 'starts with' resolves my initial use case but will also look at the other options as there are other scenarios I want to use if possible.
Certainly looks like I'll be migrating over at some point in the near future.
@graves501 I have been using Baikal for a couple of years and just recently installed Nextcloud. ATM Nextcloud runs quite slow on my shared hosting. But once that's fixed, I'll probably migrate everything to Nextcloud. 😊
#Bitwarden recently made a change that requires an update the KDF settings in your account. If your current value is too low (as it most likely is) your sync across devices will be broken.
Changing it will log you out of all devices and you need to log back in.
Unfortunately because sync had been broken for a while, there were some entries that weren't updated when I finally logged everything back in...
Export from the most up to date vault, purge and then import again to avoid duplicates
Since i am not celebrating this day for some reasons, i have time to code while my family is asleep. The last hour, i implemented the wrapper functions, for setting up/logging in/unlocking accounts and saving state to the db for the #BitWarden#LinuxMobile client.
We are getting somewhere.
Some GUI stuff and decryption is still on the list before you can check out the code.
So, nun knapp 600 Passwörter und sichere Notizen von #bitwarden nach #ProtonPass gezügelt.
Ging schneller als schnell.
Besonders schön: auch alle #TOTP wurden problemlos übernommen.
Einziges Manko: Anhänge kann ProtonPass bisher noch nicht.
@chm@Jerome2103 We use zero access encryption, so we cannot share any of the data stored encrypted on our servers (email content, attachments, calendars, files stored on Proton Drive, items stored on Proton Pass). There is of course, a limit to the protection provided by Proton Mail, which has been clearly described in our Threat model (publicly available since 2014): https://proton.me/blog/protonmail-threat-model. Depending on your own threat model, Proton Mail may or may not be the right fit for you.
Is it me or does #Bitwarden integration on #Linux suck? Am using Arch, #Gnome and #Firefox and hope I am missing something because otherwise I really don’t see the point.
Is #bitwarden a good alternative to #1password. Or what is the best way to have a password manager on Mac, iPhone and Linux with hosting a Family support?
Primary storage ist via #bitwarden with a local #vaultwarden installation (both needs to be version 23.10 at least)
Secondary storage is a #yubikey 5 NFC which I carry with me. This one alllows me to use the passkey on my iPhone (iPad not tested yet)
Tertiary storage is another (cheaper) Yubikey which is deposited in a safe at home
Both Yubikeys are protected by a PIN which my wife knows. That way I canot lose access to my account and have taken precautions in case I become incapacitated.
But this setup requires quite some time for each web site to switch to passkeys. That's why I am so angry with companies like Paypal who make it practically unusable.
@masek Totally get ya, I was just wondering because this didn't seem to add additional security, but it's more of a "safety" measure. And since I don't have case #2 and accept case #1 (with backups) as an acceptable risk, risk #3 can simply be remediated by sharing access to my wallet ^^'
