Give me a Reason

I am still using KeePassXC and on my Phone KeePassDX.
Bitwarden still lacks many important features like logging into applications.
So, community and developers, give me a reason why it is worth switching to Bitwarden…

2 Likes

KeePassXC and KeePassDX are really good password managers. I really don’t know if I can convince you to switch. But here are some reasons.

  • All credentials are synced across devices. Bitwarden clients are available on all major operating systems. In the case of Keepass, you have to search and find a suitable client for your OS or browser. It kind of sucks, as it requires some amount of research and time. All these clients are made by different developers. Setting up synchronization for a Keepass database is also complex. Sometimes the database may even get corrupted. With Bitwarden, you really don’t have to worry about these things.

  • You can easily share passwords with your family.

  • Bitwarden app is really good. It is easy to use and the UI is good. There are no major bugs or issues.

  • The web vault is also great and I think you will use it more than the desktop app.

  • With the premium version, TOTP codes can be stored easily. This is a really convenient feature.

  • The app is open source (yes, I know Keepass is FOSS) and the community is active. A lot of people contribute to this project in some way. The Bitwarden team is friendly and you can get in touch with them very easily. If you face any issues, we or the team will help you out. Bitwarden also has a bug bounty program on HackerOne. The Bitwarden subreddit is also very active.

  • The clients are available in more than 40 languages, which I think is awesome.

  • The help documentation is really good.

  • Most importantly, you can self host Bitwarden if you want.

  • Also, more and more features are being added to Bitwarden or will be added. Check out the roadmap

3 Likes

IMHO the most important feature - logging into applications - is missing for many years.
And I am still not sure if it is safe to store such sensitive information - like passwords - in the Amazon Cloud.

1 Like

Well, you just have to trust them or self host Bitwarden.

Nothing is safe. The question is balancing safety and convenience. Everything involves compromises.

I was sceptical about a password manager until I thought the issues through, tried a competitor and finally settled on Bitwarden.

1 Like

Exactly. I have explored this route before I came to Bitwarden. Lots of different (paid) clients for iOS. Difficult UIs. No feature parity. Etc.

I still think that in a modern era with people using a lot of different devices where you need access to your passwords an integrated solution like Bitwarden, LastPass or 1Password is the only way.

For now I have settled for Bitwarden. 1Password is too expensive and I don’t trust the LastPass owner. But that’s a personal opinion.

1 Like

With KeePassXC I have a browser add-on directly from the developers.
And KeePassDX is free on Android.

In the roadmap I see NO plans for the feature “log into applications”.
In my eyes this is the most important missing feature…

With KeePassXC I have a browser add-on directly from the developers.
And KeePassDX is free on Android.

Yes, I am aware of this. But KeePassDX is made by another developer and it is only available on Android. If you are on iOS, then you have to find another password manager like Strongbox.

The point is, pretty much for each operating system, you have to do a little bit of research and find the most suitable one, which just seems weird. On Android, there are a lot of Keepass implementations and it can be difficult to choose one. But on iOS, there are only a few managers.

In the roadmap I see NO plans for the feature “log into applications”.
In my eyes this is the most important missing feature…

Yes, this is an essential feature that Bitwarden still doesn’t have. Windows and macOS still don’t have the API or something for filling up passwords, it is under development. There is a post about this in the forums. Probably, the team will make this only available after the development of the API.

In this point you are right, but some users might say that it is good to have the choice in Android to choose between different clients (and also different features).
And in Android most KeePass variants are for free.

I know this other topic, I have posted it in May 2018 (2 1/2 years ago).
It has 347 votes and is the 5th most voted feature:

But I am not sure if the API-way will work with all applications (I posted this question already in that topic).

Yes, definitely having more options to choose from is great.

We will just have to wait and see what the team will do.

Bitwarden is open source. So you could develop it yourself and file a pull request. Or find a friend that will.

1 Like

I’ve been in very much the same position about two years ago. Used Keepass on Windows, then Keepass and KeePassX on Linux, and even another client on Android. To synchronize the database I used services like Dropbox, OneDrive (I used a key file which never left my devices, since I didn’t fully trust these public clouds) and later hosted my own Nextcloud (and still do) and was happy with that.

If it was only about me, I would still be using Keepass and all its alternative applications on each different OS (yes it is intense work to get to trust each different work, but mostly initial work) since they are full of cool features and mostly work seamlessly with each OS.

The time came where I wanted to share all these cool features with my family, because it really hurt my soul seeing them struggling with passwords (where did I hide my sticky note, what service is this password for again and uh I don’t know if I have an account there, ah yes I have because I can’t register with my email so let’s just reset the password) and if you are the IT guy, you probably already know what’s coming next.

Now try to explain your Keepass set up with a file sharing service with different clients on each OS, one way and two-way syncs, different Keepass clients, a key file, the importance of backups and a safe master password to someone who is not all that interested in IT topics. Because if you want to do these things right, you need to know what you are doing or you are bound to end up in a disaster of lost passwords.

So I was looking for something I was able to explain relatively easily to other people in order to share the safety of generated passwords. This is where Bitwarden was great, because of all the reasons stated above.

To this date I am a tad proud to say that all the people I introduced Bitwarden to never lost a single password or had their accounts hacked (to my knowledge).

I hope I could give you even another perspective as to why Bitwarden might be a good option for you.

4 Likes

Good information thanks for sharing
fieldengineer

Hello Dan,

thank you very very much for your detailed answer, it contains really very good information and arguments!

But I am still not sure if I should dare to switch to Bitwarden.
There are many missing features and many security concerns on my side:

  • Storing passwords on cloud servers is risky.
    Even if the file is SHA-256 encrypted, it is hackable (takes some time but it is feasible).
    I read quite often that there was a breach because of a misconfigured cloud service (an employee accidentally opened the cloud storage to everyone), and this happened also to the big players in the cloud storage business.
    And setting up my own instance is no option (I am not good enough for this and have not enough time).

  • No login into applications
    I requested this feature 2.5 years ago but it is still not implemented.
    With KeePassXC I can do very powerful Auto-Type sequences, like here for the game Star Citizen:
    {USERNAME}{TAB}{PASSWORD}{ENTER}{DELAY 2000}{TOTP}{TAB}{UP}{UP}{UP}{UP}{ENTER}{TAB}{TAB}{ENTER}
    This enters the username, presses TAB, enters the Password and presses ENTER.
    In Star Citizen a second form is shown for the TOTP, so the Auto-Type waits for 2 seconds to give the system enough time.
    Then it enters the TOTP and presses TAB to jump into the combo box where I can select how long the login should be stored (default is “One Month”, which is too long for me).
    So the sequence presses the UP key 4 times to select the entry “This session only” and presses ENTER to close the combo box.
    Last the sequence presses TAB two times to focus the “Authenticate” button and executes it with ENTER.
    There are many apps where I have defined an Auto-Type sequence, like Steam, GeForce Experience, Database tools, security tools, etc. (here I mostly have the default Auto-Type sequence {USERNAME}{TAB}{PASSWORD}{ENTER}).
    But in Bitwarden this is not possible and the team did not tell me here in the forums if this feature will ever be implemented and if yes: HOW it will be implemented.

  • Manual import of 1046 entries
    In KeePassXC I have 1046 entries in 158 groups and I have to import them all manually.
    I know there is an import but I want to have the login fields filled correctly (Bitwarden stores the field names in the database and this happens only when I add the entry by logging into the website).

  • No expired entries
    In KeePassXC I have 123 expired entries that I want to keep (might be idiotic, but I am so).
    These expired entries are in a separate group where I have configured that they should not be used in searches and in Auto-Login.
    This feature does not exist in Bitwarden (also suggested years ago).

  • User-Defined Icons
    I have entries, where I added user-defined icons, like: Software Licenses, WLAN, Hardware (like login data of my phone), etc.
    Also this simple feature has not been implemented yet.

I also see the chances and benefits sharing my passwords online with Bitwarden.
Especially when my family wants me NOW to share my passwords (not in some years).

But switching to Bitwarden is a step back in functionality.
And I am very disappointed that implementation of my suggestions takes years (I posted many suggestions but stopped, when there was no reaction of the Bitwarden team).
And when I look at the roadmap then I see no interesting features planned.

I really want to use Bitwarden, but these guys really make it hard!

Best regards

OLLI

No. It is not. I could hand my keepass database to the FBI and give them a few thousand years, and they wouldn’t be able to crack it. By that time, I won’t care. If you have a password that must be brute forced and it is over 15 or 20 characters, it is simply not crackable if the system is properly implemented with iterations and salting. Probably even without them.

I am a long time proponent of Keepass. I support it. I put it on all new computers I set up. Keepass works fine on Linux and also on Android. But, there are no acceptable applications for iOS or Mac. To sync properly between say, Windows and Android requires somewhat complex triggers in Windows to sync to a folder that is synced to the cloud with Dropbox or similar. I generally don’t want to deal with that for most clients.

So, for iOS, or where syncing is needed, or for Mac users, Bitwarden is the best option I’ve found.

But yes, I’d hate to be without logging into apps. I use the triggers and Dropbox solution and I only need to deal with Android and Windows. All that is avoided with Bitwarden.
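
Added example, not part of the thread and not code from KeePass or Bitwarden: a Python sketch of the "iterations and salting" argument in the post above, using PBKDF2-HMAC-SHA256 as a standard key-derivation function. The attacker rate of 1e12 PRF evaluations per second, the 94-character alphabet, and the sample password and salts are assumptions chosen for illustration.

```python
import hashlib
import math

# Assumptions for illustration only (not measured values, not from the thread).
ALPHABET_SIZE = 94             # printable ASCII without the space character
BASE_EVALS_PER_SEC = 1e12      # hypothetical attacker: PRF evaluations per second
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """Stretch a master password into a 256-bit key with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, dklen=32)


def entropy_bits(length: int, alphabet: int = ALPHABET_SIZE) -> float:
    """Entropy of a uniformly random password of the given length."""
    return length * math.log2(alphabet)


def years_to_exhaust(length: int, iterations: int,
                     evals_per_sec: float = BASE_EVALS_PER_SEC) -> float:
    """Years to try every password of this length.

    Each guess costs `iterations` PRF evaluations, so the iteration count
    divides the attacker's guess rate directly.
    """
    guesses_per_sec = evals_per_sec / iterations
    return ALPHABET_SIZE ** length / guesses_per_sec / SECONDS_PER_YEAR


if __name__ == "__main__":
    pw = "constructed-example-password"                  # constructed sample
    salt_a, salt_b = b"user-a@example.com", b"user-b@example.com"  # constructed
    # Salting: the same password under two salts gives unrelated keys, so a
    # table precomputed for one vault is useless against another.
    print("keys differ across salts:",
          derive_key(pw, salt_a, 100_000) != derive_key(pw, salt_b, 100_000))
    for n in (8, 15, 20):
        for it in (1, 100_000):
            print(f"len={n:2d} iterations={it:>7,d} "
                  f"entropy={entropy_bits(n):6.1f} bits "
                  f"years={years_to_exhaust(n, it):.3e}")
```

The numbers only hold for uniformly random passwords; a human-chosen 15-character passphrase has far less entropy than the formula gives.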

Just one more annotation:
I posted 2 years ago an issue in GitHub, where I wrote websites, where Bitwarden does not ask if the credentials should be stored:

Also here nothing happened!
I tested it right now for http://fritz.box/ in Edge Chromium, no question shown.

Maybe @tgreer can post some information here?

I thought mobile password managers did not have this feature. Google does ask me to save the login whenever I create an account or login within an app. But I don’t really save it because I use Bitwarden. Mmmmm…I would really love to see this.

@vachan I am talking about the browser extension in Windows, using Google Chrome (2 years ago, when I posted the issues in GitHub) and Microsoft Edge Chromium now.

We’re dealing with very large numbers; cracking 256-bit encryption is not going to happen in all our lifetimes combined.

One solution is to do that password salting thing.

Where you only store part of your password in your vault and then append the rest when you log in.

What you store in your password manager - 3fGbmKajT

The real password - 3fGbmKajTsecret

“secret” is the salt, just add it when you log in. If someone hacked your vault they would not have the real password. I would only do this to a few passwords like email or banking.

As for logging into applications, I still keep around a copy of KeePassXC for this exact reason. Bitwarden is the master database but I also use KeePassXC to auto-type passwords. There is no law against using 2 password managers. I like doing this for archived accounts too, all the old accounts go in KeePassXC to keep Bitwarden from getting filled with junk.

The rest of the points you make seem very weak, as if you’re looking for excuses to not use Bitwarden. Like not having expiring entries is not a perk, no one recommends changing passwords often especially if they’re randomly generated. If you do need to change them often why not set up a calendar reminder as that would be more effective at reminding you.

1 Like

Sorry, I did not check that. Bitwarden does have this feature but it needs improvement.