Replacing Lastpass with Bitwarden
Feb 28, 2021 | 3:37 pm
#31
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
I've been using keepass myself. It might be more convenient to use one of the others but I really dread the day we see a report saying "password manager x" has been compromised and that the passwords were not as secured as everyone thought. It might be inconvenient, but at least I can keep my passwords a bit more under my control. No cloud for the file, it's kept on one desktop, one laptop and in my backups.
It does make some issues harder to deal with... Like with the current version giving an access error when I quit on my laptop, but better than the alternatives.
It does make some issues harder to deal with... Like with the current version giving an access error when I quit on my laptop, but better than the alternatives.
edit: it was Andrew Carnegie, not Mark Twain
Last edited by gfunkdave; Feb 28, 2021 at 6:44 pm
Feb 28, 2021 | 6:22 pm
#32
Join Date: Dec 2009
Location: RDU
Programs: DL DM+(segs)/MM, UA Ag, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 3,366
Moved over to bitlocker today from LastPass and also moved from Firefox (decades long user) to Brave (might have to start a thread on Brave)
Really liking both right now.
Really liking both right now.
Mar 18, 2021 | 9:42 am
#34
Join Date: Jan 2003
Posts: 3,893
So after March 16, I could still look up password on LastPass on my phone. I just need to use the phone browser requesting Desktop site with Lastpass.com. I don't really use Mobile Lastpass that much. All the apps you just need to log in for the first time and after that it remembers the login anyway or use fingerprint to unlock.
Mar 20, 2021 | 4:38 pm
#35
Join Date: Jun 2008
Location: YVR
Programs: Aeroplan, AAdvantage
Posts: 2,107
I love Bitwarden because of the built in TOTP feature. And no, it's not less secure -- your phone already has your passwords and authenticator so why not put both in one app? TOTP is mostly against social engineering and malware anyways.
Apr 16, 2022 | 11:57 am
#36
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
Yesterday I switched from LastPass to 1Password. My company set us all up with a company subscription to 1Password, and as part of it we get a free family subscription. I realized I like 1Password better - it feels a little more slick. So, I'll keep using it for the next couple weeks until my LastPass subscription renewal, and then decide.
Apr 21, 2022 | 10:41 am
#38
Join Date: May 2003
Location: Cleveland, OH
Programs: UA-GS 1MM), Hertz Pres Circle, Starriott Titanium)
Posts: 1,971
- The problem with having TOTP alongside the passwords in an app like Bitwarden is that theoretically all of your factors are STORED in one place in the cloud.
- Having a separate App for TOTP (especially one with no cloud backend or a different cloud provider) is definitely "better" because if one of the providers is compromised, attackers don't have both factors.
- I ignore the above two and use the TOTP baked into my password manager for convenience but I'm also cognizant of the "risk" in doing so. My risk/convenience decision may be different than for others.
- For any account that allows it, I use a Yubikey instead for multi-factor. I always have a Yubikey around my neck, and unlike TOTP, Yubikeys are not vulnerable to any known man in the middle attacks (yet).
- Native password management (doesn't work in other browsers other than Safari though
) - TOTP support baked in
- A notes field against every entry.
Apr 22, 2022 | 12:07 pm
#39
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,743
I'm curious how the design and integration with Apple products differs - as I understand it they all have to use the same APIs for iOS/iPadOS so they all work the same. I don't have a Mac so I can't comment if that's different.
LastPass and BitWarden are "backed by people in the cyber security world" too. LastPass is owned by LogMeIn, which is a large company. 1Password seems to still be a smallish Canadian company. Not sure how that squares with your assertion that 1Password has more funding or is big.
I'm not saying 1Password is a bad solution. Plenty of people use it and like it. I just am saying that LastPass/1Password are functionally the same and I haven't found a clear reason to use one over the other. I've used LastPass for years and would switch if something better came along, but just haven't found a reason to switch. Plus, I like being devil's advocate
.
LastPass and BitWarden are "backed by people in the cyber security world" too. LastPass is owned by LogMeIn, which is a large company. 1Password seems to still be a smallish Canadian company. Not sure how that squares with your assertion that 1Password has more funding or is big.
I'm not saying 1Password is a bad solution. Plenty of people use it and like it. I just am saying that LastPass/1Password are functionally the same and I haven't found a clear reason to use one over the other. I've used LastPass for years and would switch if something better came along, but just haven't found a reason to switch. Plus, I like being devil's advocate
.Anyway, Bitwarden is pretty tempting to switch to since I can store passwords somewhere I trust (much like what I do now with 1Password), whereas most of the other services seem to require you store your passwords on their servers. Not that the others are necessarily untrustworthy, mind you, but it's a bit extra peace of mind.
Apr 30, 2022 | 1:41 am
#40
Join Date: Jun 2008
Location: YVR
Programs: Aeroplan, AAdvantage
Posts: 2,107
Bitwarden stores all your vault encrypted with your master password so merely breaching Bitwarden servers are pointless. Decryption only happens locally. And, again, if you are hacked locally, it matters really little whether you have factors in separate apps.
May 2, 2022 | 8:09 am
#41
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
Bitwarden, LastPass, and 1Password all do this.
May 15, 2022 | 12:46 pm
#42
Join Date: Apr 2022
Programs: AA: EXP Delta: DM
Posts: 113
BitWarden
No Tags
No Document storage w/linking
No Apple Watch unlock
Includes trackers
No creation of new items offline (at least when I last looked)
No Travel Vaults
Only place BitWarden is better than 1Password is price Functionality and polish are nowhere near 1Password
No Tags
No Document storage w/linking
No Apple Watch unlock
Includes trackers
No creation of new items offline (at least when I last looked)
No Travel Vaults
Only place BitWarden is better than 1Password is price Functionality and polish are nowhere near 1Password
May 16, 2022 | 1:39 pm
#44
Join Date: Dec 2009
Location: RDU
Programs: DL DM+(segs)/MM, UA Ag, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 3,366
Trackers?! Not on my installs.
Disclaimer: I currently use the $10/yr bitwarden service. Previously used Lastpass and before that 1Password.
May 18, 2022 | 4:34 am
#45
Join Date: Apr 2022
Programs: AA: EXP Delta: DM
Posts: 113
I see no value in any of those, and negative value in a few...
Trackers?! Not on my installs.
If you prefer form over function and don't mind (over)paying for it, 1Password is a good solution. For those of us who prefer the opposite, bitwarden is a better fit. All things being equal, I would almost always take the open source solution I can run at home over some proprietary SW.
Disclaimer: I currently use the $10/yr bitwarden service. Previously used Lastpass and before that 1Password.
Trackers?! Not on my installs.
If you prefer form over function and don't mind (over)paying for it, 1Password is a good solution. For those of us who prefer the opposite, bitwarden is a better fit. All things being equal, I would almost always take the open source solution I can run at home over some proprietary SW.
Disclaimer: I currently use the $10/yr bitwarden service. Previously used Lastpass and before that 1Password.