Concerns Raised Over Bitwarden Moving Further Away From Open-Source - eviltoast
  • ocassionallyaduck@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    29 days ago

    An online database is still a file ultimately. A SQL or other DB file stored in a webserver, accessed through a web interface.

    Vaultwarden, etc, are the same, only the database file is less directly visible IMO. Keepass IMO is simple. The DB in a bespoke format, stored outside the application.

    You could put the vault in system32 and name it “trustedinstaller.log”, and if someone saw you had keepass they wouldn’t even know where your vault is.

    Given the number of well documented breaches of online password vaults, I would much rather do a private device to device sync via syncthing and keep it out of webservers.