this post was submitted on 19 May 2026
85 points (97.8% liked)

Privacy

4664 readers
590 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 3 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
85
"The Quiet Renovation at Bitwarden" (it isn't good) (blog.ppb1701.com)
submitted 3 weeks ago by cm0002@infosec.pub to c/privacy@programming.dev
16 comments fedilink hide all child comments
top 16 comments
sorted by: hot top controversial new old
[–] defaultusername@lemmy.dbzer0.com 20 points 3 weeks ago (1 children)

I deleted my Bitwarden account a few days ago and switched to KeePassXC (and DX) and Syncthing.

[–] suicidaleggroll@lemmy.world 17 points 3 weeks ago (1 children)

The "always free" banner is back on the website, FWIW

[–] lka1988@lemmy.dbzer0.com 7 points 3 weeks ago

It was a scream test. It always is.

[–] rants_unnecessarily@piefed.social 13 points 3 weeks ago

I just knocked from gmail to proton, so I guess this gives me reason to switch to the included password vault.

It's a shame I only recently got the rest of the family to begin using bitwarden, so it'll be a bit of a shock to them.

[–] splendid9583@kbin.earth 13 points 3 weeks ago

https://www.privacyguides.org/en/passwords/

[–] AssaultPepper@monero.town 12 points 3 weeks ago (1 children)

Rough getting the whole family on Bitwarden only for them to rug pull what made it good.

I'll be keeping an eye on forks I guess.

[–] brian@programming.dev 8 points 3 weeks ago (1 children)

vaultwarden is already reasonably mature for server

[–] AssaultPepper@monero.town 3 points 3 weeks ago

I've heard good things, issues would mainly pertain to somehow walking non-technical family members through setup.

As well given I don't have a security background I try to keep my self hosted stuff to non-critical items. Plex going down matters less than "I can't login to my bank account because the optiplex decided to die while I'm in the office".

Albeit knowing how locked in many users are made it a great target for PE so should've seen that coming.

[–] Dialectical_Specialist@quokk.au 10 points 3 weeks ago (1 children)

How will we know when to jump ship and is it already now?

[–] onlinepersona@programming.dev 12 points 3 weeks ago (1 children)

Jump now, before it enshittifies. Start looking for alternatives otherwise they might do something like disable exports. Then you'll have a really hard time switching.

[–] Dialectical_Specialist@quokk.au 4 points 3 weeks ago (1 children)

Disabling exports seems unprecedentedly extreme. I see little to gain from such lock-in even in a financial sense

[–] onlinepersona@programming.dev 0 points 3 weeks ago

Tell CrApple that lock-in has little financial gain.

[–] obvs@lemmy.world 8 points 3 weeks ago

It's not safe to use U.S.-based companies for security.

[–] SinTan1729@programming.dev 5 points 3 weeks ago

I hope that there'll be community forks of the bitwarden frontend apps just like there's vaultwarden for the server.

[–] robbo@programming.dev 1 points 3 weeks ago

I went through a process of programs for this. I can't remember what was first but I used lastpass for a while... it never felt good and even just meant all websites had an error in the console. Then I used bitwarden for a long time and I can't remember why but I think it just got worse or annoying. Then using 1password was just so much better, maybe I just tested it and realised how bad bitwarden was. Been on it since. Because I use it for work too (out of choice, but want to get it as a company wide thing) I will stay with it for good. But if I didn't do it like that I think I'd just commit to everything being proton.