Jump to content
vpk

Other password managers

Recommended Posts

Now that Enpass 6 is what it is, what alternatives are you considering? My biggest requirement would be that the implementation is totally open-source, to prevent a vendor lock-in.

 

  • Like 2

Share this post


Link to post
Share on other sites

Bitwarden, pretty easy to set up the self hosted server and it has all the desktop/mobile/browser apps + the code is also available on Github. I really liked Enpass, but the v6 ruined it for me. It's not trustworthy anymore.

  • Like 2

Share this post


Link to post
Share on other sites
9 minutes ago, xarlatan said:

Bitwarden, pretty easy to set up the self hosted server and it has all the desktop/mobile/browser apps + the code is also available on Github. I really liked Enpass, but the v6 ruined it for me. It's not trustworthy anymore.

"Bitwarden: it's really free, not a fake "free trial free"" - I believe they summed up the Enpass correctly ;-)

  • Like 1

Share this post


Link to post
Share on other sites

But Bitwarden stores the data in the cloud.
I would never store such sensible data in the cloud, so I quit using Bitwarden (I tested it several months with some harmless entries).

Edited by OLLI_S

Share this post


Link to post
Share on other sites
17 minutes ago, OLLI_S said:

But Bitwarden stores the data in the cloud.
I would never store such sensible data in the cloud, so I quit using Bitwarden (I tested it several months with some harmless entries).

perfect but let me know please if you use Enpass offline only then? if so how do you sync between phone and desktop? because if you say you use any cloud solution there is no difference (much at least) between fully encrypted vault from Bitwarden on their server and iCloud/OneDrive/Google/Dropbox (you name it)

on top of that:

1- Bitwarden just got fully audited by 3rd party company and report is available (nothing for Enpass even scheduled)

2- Bitwarden is fully open source (Enpass is proprietary - you have NO IDEA how they implement anything)

3- you CAN implement your own solution (cloud service) for Bitwarden (that is what I am exploring now)

There is NOTHING fully secure - it is only a matter of resources to get things "done" (read: deciphered) 

Edited by zyghom
addition

Share this post


Link to post
Share on other sites
36 minutes ago, OLLI_S said:

But Bitwarden stores the data in the cloud.
I would never store such sensible data in the cloud, so I quit using Bitwarden (I tested it several months with some harmless entries).

I repeat: "pretty easy to set up the self hosted server"
Please read a whole sentence next time

Share this post


Link to post
Share on other sites

Is this, a forum provided for you at no cost by Enpass, really the place to discuss alternative password managers from their competitors?

Edited by pineman

Share this post


Link to post
Share on other sites

@xarlatanI did read all sentences, why did you assume that I did not read them?

I know that Bitwarden allows to set up a self-hosted server.
But the average user (like me) that never set up a web server will use Bitwarden with the data in the Bitwarden cloud.
So I would never store my data in the Bitwarden Cloud and I will not set up a self hosted server (because I never did).

2 hours ago, zyghom said:

perfect but let me know please if you use Enpass offline only then? if so how do you sync between phone and desktop? because if you say you use any cloud solution there is no difference (much at least) between fully encrypted vault from Bitwarden on their server and iCloud/OneDrive/Google/Dropbox (you name it)

I sore my vault locally and yes, I sync it to OneDrive.
But here hackers have to break into OneDrive and then den hack the Enpass vault.
If hackers get access to the AWS storage of Bitwarden (may it be a hack, may it be an human error by Amazon) they have all data.
I feel safer at OneDrive and this is my personal opinion.

2 hours ago, zyghom said:

1- Bitwarden just got fully audited by 3rd party company and report is available (nothing for Enpass even scheduled)

I know the audit of Bitwarden and also about the results.
At the Enpass website I saw at the bottom that there is also an audit available: https://dl.enpass.io/docs/EnpassSecurityAssessmentReport.pdf
I did not read the Enpas report yet, so I can not tell how deep they went into the code...

2 hours ago, zyghom said:

2- Bitwarden is fully open source (Enpass is proprietary - you have NO IDEA how they implement anything)

This is correct but here I trust the developers.
Maybe this is silly but I do.

2 hours ago, zyghom said:

3- you CAN implement your own solution (cloud service) for Bitwarden (that is what I am exploring now)

See above, I have not enough knowledge (although I am programming) for setting up a web server.

2 hours ago, zyghom said:

There is NOTHING fully secure - it is only a matter of resources to get things "done" (read: deciphered

This is also correct and I hope that the developers did a good job and that the audit analyzed the whole source code.

Best regards

OLLI

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, pineman said:

Is this, a forum provided for you at no cost by Enpass, really the place to discuss alternative password managers from their competitors?

yes, and only because developers made the Enpass.. you know what they did with 6.x version and why all this discussions started

you should have been here before 6.x - that was really TECHNICAL forum with state of the art answers from devs

now... look around 

  • Like 1

Share this post


Link to post
Share on other sites

I am new here in the forums but I recognized that it takes weeks before I get a reply.
Even at topics where I asked about the pricing.

Share this post


Link to post
Share on other sites
Just now, OLLI_S said:

I am new here in the forums but I recognized that it takes weeks before I get a reply.
Even at topics where I asked about the pricing.

pricing actually is on the front page so ... ;-)

but the rest I must agree - it used to be better here ;-(

Share this post


Link to post
Share on other sites
2 minutes ago, zyghom said:

pricing actually is on the front page so ... ;-)

So the devs answer postings on the front page faster than in the sub channels?

Share this post


Link to post
Share on other sites
2 hours ago, OLLI_S said:

@xarlatanI did read all sentences, why did you assume that I did not read them?

I know that Bitwarden allows to set up a self-hosted server.
But the average user (like me) that never set up a web server will use Bitwarden with the data in the Bitwarden cloud.
So I would never store my data in the Bitwarden Cloud and I will not set up a self hosted server (because I never did).

I did, because my post was about the self hosting aspect and it was not mentioned in the reply. Mostly because people nowadays do not read most of the stuff anymore. In this case I assumed wrong, my apologies.

I made the effort to change all my passwords and then switched to another solution, because all of this situation seems suspicious to me.

- All answers which you read are from same guy (yes, small company I know)

- No official statement about this forced update and absolutely no help to convert you DB back to v5. So let's say you have 50 installations and some of them updated and others didn't. Now you can't go back at all, neither sync them...

I will still follow the development, because it started as a very nice software.

Share this post


Link to post
Share on other sites

as far as I explored Bitwarden: that one is really ONE MAN show - 8 bit company is 1 person only

at least here in Enpass we see (saw) few guys from the devs team

and frankly: if I was a dev I would have hired 1 person to answer all forum messages - PR like - devs job is to write software not answers to users questions, right? ;-)

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...