LastPass recently announced that it will limit access to the cloud to one device per user, so if you’re using it to sync your passwords with your phone and computer, you won’t be able to do that from March 16.
Many users criticized the company on social media and some believe it may have dug its own grave with that decision. From the company’s point of view, they are downloading free users while probably retaining their premium customers. And in doing so, they are getting rid of a large part of the server load and possibly saving resources that would otherwise be used for customer support, this could be a profitable change for LastPass.
Anyway, we will not discuss this. The most important thing here is your choice, what is a good alternative to LastPass? Which are you moving to? I was intrigued by the comments on social media, reddit and, of course, here on the blog. Most users appear to be switching to Bitwarden or KeePass. Some of you may be confused which one to go with?
When people think about KeePass, I believe they don’t consider it a cross-platform program or capable of cloud-based synchronization. They look at it as an open source password manager for computers, right? That’s the problem. Not many people are aware of the various mobile apps you can use to complement KeePass, more on that later.
Which one will you choose? KeePass or Bitwarden?
Bitwarden’s strong point is the availability of official applications and ready-to-use cloud-based sync between devices. You have to sign up for a Bitwarden account on the PC or browser or mobile app, import your passwords into it. To use it on other devices, download the app on your phone or the browser add-on or the desktop program and you’re good to go. In my opinion, that is exactly why users want to use the service.
After all, it is what attracted users to LastPass in the first place, the synchronization between devices. And I confess that I betrayed KeePass in favor of the LastPass mobile app (autofill is a life saver on small screens) for a few years, before learning about KeePass mobile forks and returning to it.
With Bitwarden, unless you are hosting the server on your own (really, how many will do it?), You are essentially saving your passwords on company servers. I’m not saying it could be, but if the server is compromised, it can affect your accounts. Hey, the chances of that happening are low. But it is a possibility, right?
Update: the data that is transferred between the user’s devices and the Bitwarden server is encrypted from end to end. Successful attackers will not have direct access to a user’s stored passwords and other data as a result. End
KeePass, on the other hand, does not rely on the Internet to function. Your database is encrypted offline and remains secure if you use a strong password, and this is your strong point. You have to take care of all the protection, on the other hand.
What if I want to access my KeePass database on my mobile devices. This is KeePass biggest problem, it doesn’t have an official mobile app. Instead, it has a ton of forks, some of which are recognized by the developer, which you can take as a sign that they are considered safe until proven otherwise.
As an offline tool, you don’t need to create an account to start using it, just set up your database using your computer’s official desktop program or using one of the unofficial (open source) mobile apps. To synchronize the database between your computer and your phone, all you need to do is save the database file in a cloud storage service folder, such as your Dropbox, OneDrive, Google Drive, etc., or your self-hosted server.
This basically provides a double layer of security, so that a hacker first needs to access your cloud storage server and then has to ignore your database master password. Even if the first is possible, the chances of the second are very small. This is, in my opinion, a safer option than having a cloud-based system, like the one employed by Bitwarden.
You can further minimize the risks by eliminating the middleman, that is, using local synchronization via USB, FTP / SFTP, SyncThing, etc. and still have your devices synchronize your KeePass database (multiple databases, if desired).
Personally, I use the official KeePass desktop program with the database saved in my Dropbox folder and I have the Keepass2Android app (also has an offline version) on my phone. But there are good alternatives like KeePassDX and KeePassDroid, although they don’t support cloud services.
You can go either way, both are very good and have their own pros and cons.
Now you, which LastPass alternative will you choose: Bitwarden or KeePass.
Summary
Article name
Migrating from LastPass to an alternative password manager? KeePass vs Bitwarden, which one will you choose?
Description
Now that LastPass will severely restrict free users, you are switching to a different password manager. Will you choose Bitwarden or KeePass?
Author
Ashwin
Editor
Technology News from Ghacks
Logo
Advertising