Password Management: which one of these options would you choose?

captain_obvious@lemmy.wtf to Selfhosted@lemmy.world – 79 points –

Objective: Secure & private password management, prevent anyone from stealing your passwords.

Option 1: Store KeePass PW file in personal cloud service like OneDrive/GoogleDrive/etc., download file, use KeePassXC to open

Option 2: Use ProtonPass or similar solution like Bitwarden

Option 3: Host a solution like Vaultwarden

Which would you choose? Are there more options? Assume strong master password and strong technical skills

Vaultwarden behind mutual TLS and reverse proxy and https://github.com/oguzhane/bitwarden-mobile until https://github.com/bitwarden/mobile/pull/2629 is merged

But honestly all services you mentioned are worthy.

Anything that fits your needs imao

That PR might be a while....
https://github.com/bitwarden/mobile/pull/2629#issuecomment-1731457466

Considering that Android is going to prevent users from importing a CA

Edit:

Wait, I think I have my wires crossed.
I think Android is removing the ability for apps to install certs.
The user has to manually install a cert, and then select it in the app.

Edit again:
Yeah, this is what I was thinking of:
https://httptoolkit.com/blog/android-14-breaks-system-certificate-installation/

But, thinking about it now, I doubt it will actually affect the feature

"But, thinking about it now, I doubt it will actually affect the feature"

It will not

We don't need to import a custom CA authority here just to install a client cert

Using Let's Encrypt is a lot easier to deal with on the client side than modifying CAs, although the initial setup of the server can be a pain in the ass if you're new to it.