this post was submitted on 27 Mar 2026
288 points (96.5% liked)

Technology

83126 readers
3682 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
288
Bitwarden 100% price increase (www.fastcompany.com)
submitted 1 day ago by 0485919158191@lemmy.world to c/technology@lemmy.world
137 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] aproposnix@scribe.disroot.org 4 points 1 day ago (5 children)

Can someone please help me understand why you would want to have your passwords in the cloud? I've been using Keepass for about the past 15 years. I always just sync the db between computers/mobiles. Its never been an issue. Is having it in the cloud really that big of an advantage?

[–] versionc@lemmy.world 1 points 16 hours ago

Syncing is a problem without a seamless solution. The official syncthing app for Android is abandoned and syncthing-fork isn't trustworthy and feels vibe coded. Nextcloud is way too bloated for simple vault syncing.

I'm personally warming up to the idea of using pass.

[–] Appoxo@lemmy.dbzer0.com 5 points 23 hours ago (1 children)

Not interested in selfhosting and risk a data breach.
It's imple: Who is better equipped to combat a hack? You or Bitwarden?

[–] aproposnix@scribe.disroot.org 2 points 18 hours ago (1 children)

Definitely me.

[–] osanna@lemmy.vg 2 points 15 hours ago (1 children)

there's also the fact that hackers probably don't know I'm hosting it. Where as bitwarden hosted makes for a very very juicy target

[–] Appoxo@lemmy.dbzer0.com 1 points 13 hours ago

False sense of security.
The moment to fuck up certificate issuing and don't use a wildcard certificate, the subdomain is public and will be probed to hell and back. And due to regex, probably by bots specialized to probe password vaults.
Wish you best of luck and security.
But I'll stay here :)

[–] HubertManne@piefed.social 3 points 1 day ago

convenience. its integrated into the browser and easy to get going. I personally use it for "unimportant" logins. Mainly things that are not government or financial or such. My improtant ones I keep on an external drive that I only pull out for when im doing that type of stuff.

[–] WolfLink@sh.itjust.works 3 points 1 day ago (3 children)

Natural disaster -> no longer can access everything you have online, including bank and insurance accounts, at precisely the time you most don’t want to deal with that.

[–] BastingChemina@slrpnk.net 1 points 18 hours ago

Personal disaster as well.

If something happens to me and I am incapacitated, or worse, my wife or my brother can request access to my vault and without any action in my side for a week they will have access to my vault. (Emergency access feature in bitwarden)

So it does not add the stress of needing to call ALL the utility companies, bank, school ... To reset passwords or request emergency access.

I saw that first hand with my brother in law who had an accident and went into a coma. We were lucky that his computer wasn't locked and all his password accessible on it.

[–] mic_check_one_two@lemmy.dbzer0.com 3 points 1 day ago (1 children)

Pretty much this. Cloud storage isn’t perfect, but it sure does make proper 3-2-1 backup hygiene easier. 3 backups, on 2 different mediums, 1 of them off site. Cloud storage accomplishes both the 2 and 1, because it is both a different medium and off site.

The fact that you can automatically sync remotely is a big bonus too, because off-site backups historically have a problem where they fall out of date without active attention. For instance, if you have a tape backup system stored in a warehouse across town, those tapes are only as up-to-date as the last time you took the time to drive across town and update them. But with cloud storage, you can automatically sync your folders to keep things up to date in near real time. Plus, your traditional off-site backup is only as secured from things like natural disasters if you’re willing to travel fairly long distances to make them. Those tapes in a warehouse across town won’t survive if the entire town is hit by a natural disaster like a wildfire or flood.

For instance, maybe I make an update on my laptop, and then want to access it on my phone. Even with SyncThing, my laptop and phone won’t sync with each other unless they’re able to find each other on the same network. If I’m not on a trusted network at the time, (e.g. I’m at work on my employer’s WiFi, or traveling and using hotel WiFi) that makes syncing difficult. But with cloud storage, they can both essentially use that as a relay. My laptop updates the cloud, and then my phone pulls that update. Now both devices are up-to-date without actually needing to discover each other on a trusted network.

[–] aproposnix@scribe.disroot.org 1 points 1 day ago

I'm currently (for the past 5 or six years) using a nextcloud server (remote) where I store the master. My desktop is typically where I make changes but sometimes on my mobile devices. No mater where I edit the database it gets synced. Knock on wood, but I've never had as issue.

[–] Trilogy3452@lemmy.world 1 points 1 day ago

You can have both and keep a local copy via export once in a while. If the cloud goes down the also most likely your bank website. If you're talking about other types of secrets then the first sentence will apply

[–] clay_pidgin@sh.itjust.works 2 points 1 day ago (1 children)

It's convenient, but not much moreso than keeping the encrypted file in your google drive or whatever and pulling it down once in a while.

[–] nutsack@lemmy.dbzer0.com 6 points 1 day ago* (last edited 1 day ago) (1 children)

I've tried storing encrypted blobs including a keepass database on Google drive and I always end up with hundreds of conflict copies

[–] FauxLiving@lemmy.world 2 points 1 day ago (1 children)

Put the keepass database in a folder and use syncthing to sync that folder.

I just run syncthing on every device that needs my password and they all always have an up to date copy of the database.

[–] clay_pidgin@sh.itjust.works 1 points 23 hours ago (1 children)

What do you use to encrypt the files to begin with? For apps that don't have an encrypted backup option built in.

[–] FauxLiving@lemmy.world 3 points 22 hours ago (1 children)

Keepass encrypts the database with AES-256 by default so there is already a layer of encryption protecting your passwords.

If you use keepass and want to use a third party service to store your files there's a way to setup an untrusted mirror which will encrypt the files before sending it to that client. That way you still have your files elsewhere (often on a VPS, seedbox or other host) but that host doesn't have the unencrypted sync folder just in case you decide to put non-encrypted files in there too.

[–] clay_pidgin@sh.itjust.works 1 points 21 hours ago (1 children)

That's very helpful information, thank you! I'm using bitwarden but looking into switching.

[–] FauxLiving@lemmy.world 2 points 6 hours ago (1 children)

If you use keepass*

I mean if you use syncthing.

Syncthing is what has the ability to set untrusted hosts. You set a password and the files are encrypted with that password before sending it to the untrusted computer.

[–] clay_pidgin@sh.itjust.works 1 points 5 hours ago

Excellent, thank you! Looking into it.