lastpass to bitwarden

A word from our sponsor:

The Breast Form Store Halloween Sale Banner Ad (Save up to 60% off)
Printer-friendly version

Author: 

Security mavens recommend that we use a password manager for our online activity.
Username/password pairs suck and we humans are horrible at doing the "right thing" with them. I know that I am.
Over the last few years several tools have been created that address the issue. I've used and supported many of them.
A few products are pretty mature now and easy enough for muggles and other mortals to be able to use.

I've been using lastpass as a personal password manager for a few years. I've loved it and have been pretty satisfied in general. But with the recent announcement that they will want a fee to use the same account on multiple devices I decided to explore my options.

Long story short, I decided to give bitwarden a try: https://bitwarden.com/

While I have not done a code audit on it myself. Nor would I trust the outcome of such an audit if I were to do one, the code is public. https://github.com/bitwarden/mobile

I have read several reviews and tech reports corroborating that it is a zero trust system. I guess that's good enough for me. I've gone a head and installed it. It has the normal browser interface, both flavors of phone app, and a plugin I'm using in firefox, and a cli if you swing that way.

So far so good. It was easy to export my details from last pass and import them into bitwarden. They are visible on the devices I've converted so far. The positive use case seems OK. I'm not sure how I will validate the negative use case. I'm not sure how I'd detect if things have gone bad till I next check my bank balance.

I'll report back if and when things go sour.

Comments

Me too

Iolanthe Portmanteaux's picture

I've been using LastPass (paid account) for five years now, but I'm in the midst of switching to BitWarden as well.

It's partly what you said, but also the functionality seems to have gotten a bit clunky. Also, moving the data over gives me a chance to clean up.

So, yeah, me too!

- io

I love it when folk talk techie jargon

Patricia Marie Allen's picture

I've used computer since the early 70s and it wasn't until Bill Gates got windows happy that I quit using CLI to interface with them. But even then until Windows quit running inside DOS I was still competent.

However, for all the time I used it, I never knew it had a name...(I had to look it up) it was just how you interacted with computers. I used to brag that I was one of the few people not in captivity (employed by Microsoft) that could make DOS sit up and do tricks. But since Windows 7, I've had very little need to keep up and now need a cheat sheet to navigate the command level (CMD).

RE Lastpass.

I've just switched to Lastpast. I'm still evaluating it. Mostly I think I like it. I only have two computers that I might use it on. My laptop, and my wife's tower. I've not thought to introduce it on her computer because she doesn't do hi-tech very well and she really doesn't have any sensitive information on her computer. I do all the only shopping and banking and such on my machine. If someone compromised her computer all they have access to is her boring email, Facebook and Instagram account. The worst that could happen is that someone could hijack her FB account or Instagram account. It would be annoying but not dexterous. I've seen to it that she has strong passwords for those three that are based on mnemonics that she can easily remember. She has them written down and in a drawer in the office in case she forgets.

However if bitwarden has an android version, I might consider it for my phone. My banking app drives me nuts because I don't use it all that often. I tend to get fat thumbed and if I miss entering the password three times, it locks me out for three weeks. The only thing I ever use it for is to check my balance now and then and deposit checks once a month.

Hugs
Patricia

Happiness is being all dressed up and HAVING some place to go.
Semper in femineo gerunt
Ich bin eine Mann

Like you, I could make DOS

Like you, I could make DOS sit up and do tricks. Actually, I like IBM OS better than anything, but it's not available on PCs.

Anyway, one thing that I don't put in ANY password keeper is my banking passwords. To me, and many others, it's just not a safe thing to do.

Teddie

Not since GUI

I last ran DOS Something or another (6.1, 6.2?), then 95 came out, and I started playing around with it. 98 hooked me, and I've only used the command line a few times since. So pray tell, what is a "cli"?

As somebody already asked, will Bitwarden work with Android?


"Life is not measured by the breaths you take, but by the moments that take your breath away.”
George Carlin

Friendly neighborhood CLI

Iolanthe Portmanteaux's picture

CLI is "Command Line Interface." Nowadays it's rare, but some computers have only CLI access.

On Windows, the DOS Prompt is a CLI. So is PowerShell. If you connect via telnet or ssh to another computer, you're going through a CLI.

It's the set of commands that you type. There are no icons or images; just lines of text.

- io

Ah, so

Too damn many acronyms these days. DOS prompt works for me. Last time I Googled an acronym, I got back about 10-15 different possibilities. But thanks for the heads-up!


"Life is not measured by the breaths you take, but by the moments that take your breath away.”
George Carlin

Bitwarden has an android app

crash's picture

Yes Bitwarden has android and ios apps. They seem at least as usable as the lastpass app was.

Your friend
Crash

Thanks for the heads up.

WillowD's picture

I just checked. As of March 16 you can only use the free version of LastPass on PCs or mobile devices. You can no longer do it on both.

I will check out BitWarden.