Dropbox Passwords lets you seamlessly sign in to websites and apps by storing your passwords. The Passwords app remembers your usernames and passwords on all your devices—so you don't have to. Bitwarden Bitwarden is open source. There's a core server written in C# and then there are multiple client apps (iOS, Android, desktop). The backend appears quite heavy weight.
I have been looking to replace my password management setup for a few monthsnow. Up until now I was using KeePassXC, but I never got around to putting inthe work to make it work properly on mobile.
I understand that the standard solution is to just get the file synced on yourphone using Dropbox and then install a mobile app which can read the file off ofDropbox. But the idea that all my passwords are in one single file somewhere onthe internet (cloud, if you will) is a bit disturbing.
Incidentally, this is also the reason I never got around to using 1password,Lastpass, or other cloud-hosted password managers.
This is not to discount the work that the security folks at these companies areputting in on a daily basis to make their services secure. And I know that mypasswords file is encrypted. I've just seen enough mistakes happen and I'd liketo avoid being a part of one. Intego antivirus for mac.
I have been looking to replace my password management setup for a few monthsnow. Up until now I was using KeePassXC, but I never got around to putting inthe work to make it work properly on mobile.
I understand that the standard solution is to just get the file synced on yourphone using Dropbox and then install a mobile app which can read the file off ofDropbox. But the idea that all my passwords are in one single file somewhere onthe internet (cloud, if you will) is a bit disturbing.
Incidentally, this is also the reason I never got around to using 1password,Lastpass, or other cloud-hosted password managers.
This is not to discount the work that the security folks at these companies areputting in on a daily basis to make their services secure. And I know that mypasswords file is encrypted. I've just seen enough mistakes happen and I'd liketo avoid being a part of one. Intego antivirus for mac.
Requirements
My requirements were fairly simple. I wanted something that
- is open-source
- allows self-hosting
- works on mobile
Bitwarden Vs Dropbox
.. in that order.
Turns out that just these 3 requirements narrowed down the search toBitwarden.
Bitwarden
Bitwarden is open source. There's a core server written in C# and then thereare multiple client apps (iOS, Android, desktop).
The backend appears quite heavy weight. Being written in C# and talking to a SQLserver installation, it's not exactly what I would call 'deployment friendly'.Luckily, they provide a Docker image which you can use to self-host the wholething.
While this works on a modern machine, I wanted to run Bitwarden on a spareRaspberry Pi connected to my home network where the system requirements are abit less than what the Docker image requires.
It turns out that I'm not the first person to run into this problem. @jcsalready wrote a Ruby server which is API-compatible with the 'official'Bitwarden backend. This implementation is very lightweight, and completelydoable for the Pi. So all I had to do was create a new bitwarden user on thePi, install rvm, git clone the repository, and then start the serverprocess.
The only problem left now was setting up a static IP for the Pi so that thedesktop client on my laptop and the iOS app on my phone know the(static & private) IP address they should be connecting to. Luckily my modemsupported allocating the same IP to devices based on their MAC addresses so thiswas also easy.
Migrating from KeePassXC
rubywarden includes a script to import existing KeePassXC database files, andit worked without any problems. The script somehow didn't handle my KeePassXCfolders very well. So an entry called 'Google' in the 'Internet' folder wasimported as 'Internet/Google'. Those slashes look pretty annoying, so I tooksome time out to delete some unused passwords and organize the rest intofolders.
Migration was a non-issue, I would say.
Caveats
The only caveat with this system that I can think of right now is that whenyou're not at home, you won't be able to save/edit/delete passwords. You'll beable to read just fine, but editing won't work.
The reason is that your client apps are configured to talk to a private IPaddress (of the Pi in this case). But so far I haven't had the need tosave/edit/delete passwords when I'm outside. And reading them works just fine.
If this is important for you, then this is probably the price you pay forkeeping the passwords on a machine you can physically look at.
Bitwarden Dropbox
But overall, I find this setup quite nice to work with.
