I’m moving away from Bitwarden and all cloud based password managers. Sorry to say that the recent ‘downtime’ where i was logged out of all instances really doesn’t sit well with me. I’ve used cloud services for years and downtime doesn’t have to mean being logged out across all platforms. It just reiterates to me that having all your important data stored online is not reliable. I’m returning to offline data management. I am disappointed because I was really hoping Bitwarden would work for me long term. Goodbye.
People who just advertise they’re leaving or canceling a service are crying out for reassurance.
If you’ve found a better service, then by all means move away. You can also self-host your service if you want and will only have yourself to blame for any downtime.
Nobody guaranteed 99.99% uptime.
From a previous off-line password manager user’s perspective, the primary reason for me to use a cloud-based solution is the convenience of having some form of the apps everywhere. The drawback is I feel the need to pay attention to the security arrangement considerably more. If convenience isn’t that compelling for me, I wouldn’t be using it.
Being temporarily offline is not a big setback for me, because I can use a backup to get an offline solution up in a snap. Keepass does import BW’s .json file directly.
Agreed. This is a matter of how many belts and braces one wants to have. If Bitwarden was to stop working in five minutes I would have enough backups to continue accessing my accounts fairly quickly.
Ditto here Davidz!!
What are your backups? I should probably have an option just in case.
I use bitwarden (cloud) primary and have a vaultwarden server selfhosted for backup. Beside of this, i use enpass as a different soltution …
These days, having used Bitwarden for nearly four years (most of that time the paid version), things are fairly stable. I have to scratch my head to recall such details, but here goes:
-
old school backups - the relevant keys etc are printed on pieces of paper, which are kept securely, not all keys, just the important ones so few pieces of paper. As it happens I printed one of these out a few days ago for one account.
-
KeepassXC - has a copy, as and when I remember to export from Bitwarden. I really should automate this and one day I intend to get round to it:-) KepassXC only runs on local machines. The password file is on one of my (small) RAIDS, which is automatically backed-up to a second (small) RAID. Every once in a while I use KeePass to log into random places, to check I can still use it and it works.
-
Encrypted exports to a few memory sticks.
-
Encrypted exports to one RAID (automatically backed up to the second).
-
Encrypted exports to a HDD. I retain an old school HDD in my computers for many reasons, one of which is that stuff can be deleted from it fairly reliably.
-
Encrypted export to a Google drive. Don’t panic, nothing of importance goes straight to Google for them to spy on. Before the encrypted passwords go to Google VeraCrypt has encrypted them again. I don’t consider this any more dangerous than them being stored by Bitwarden in the USA.
-
Bitwarden themselves.
There are trade-offs involved here.
To me the important thing is not to lose access to sites. For that reason I have lots of backups, most automatically generated and stored in different places/on different media.
If I was more concerned about others having access, perhaps because I was a criminal or whatever, then I would have fewer backups and accept a higher risk of loss of access.
Only you can decide where you want to be on that line and where you want to put your slider.
I rely on Bitwarden greatly every day. My “other” backups are my Firefox and Apple Keychain profiles. Bitwarden, Firefox, and Apple would have to fail for me to be (mostly) f%^&ed.