One downside is that I’ll have no more passkeys. The vault syncing, I can do via SyncThing.

  • reagansrottencorpse@lemmy.ml
    5 months ago

    Yikes I need to get off lastpass. I’m paying for it too, since years ago they made it so you had to pay to use it on multiple devices.

  • Sonalder@lemmy.ml
    5 months ago

    It really depends on your threat model, Proton Pass is fine. Of course a self-hosted or local solution will be more privacy friendly but at the cost of being responsible for security and good backups (3-2-1 rule).

    There is no black or white regarding privacy. You want to ask yourself what you want to protect from and is the investment worth being sovereign?

  • brunoqc@piefed.ca
    5 months ago

    I like that I’m able to use KeePassXC as a keyring on Linux. I like that there is a prompt on access so no rogue script can read my whole keyring.

  • HubertManne@piefed.social
    5 months ago

    Personally I use KeePass for important things and don’t use an extension or anything that would pull from it, and I use Bitwarden for unimportant passwords. Not that Bitwarden is necessarily unsafe, but I’m a person who ultimately thinks it’s best I completely control the important things.

  • lsjw96kxs@sh.itjust.works
    5 months ago

    Or use Vaultwarden to have the convenience of syncing your data to a personal server or computer and have passkeys.

  • Sem@lemmy.ml
    5 months ago

    I think Proton is the most blocked by governments group of services in the entire world. To have a backup in a .kdbx file sounds at least like a good idea.

  • salvor_hardin@lemmy.ml
    5 months ago

    Any specific reason that makes Proton Pass less secure? I am curious since I am using both Pass and Bitwarden at the moment. Bitwarden for all my logins and Pass for alias + their logins.

    • Lfrith@lemmy.ca
      5 months ago

      I like that KeePass on PC and Android lets you use an autotype feature if autofill isn’t working instead of using copy paste.

  • Curious Canid@lemmy.ca
    5 months ago

    It will always be safer to store sensitive information in a system that you control than in a system that someone else controls. KeePass is easy to set up, it’s easy to use, and it provides excellent protection.

  • PodPerson@lemmy.zip
    5 months ago

    I’ve been using Strongbox since 1Password switched to subscription only and it’s been good. It’s based on KeePass and supports all the normal password manager stuff (TOTP, passkeys, etc.):

    https://strongboxsafe.com/personal/

    I use the desktop and mobile apps, and keep my vault stored in my iCloud account so everything is always synced real time without relying on a third party cloud (yes, I know I’m still relying on Apple for that).

      • PodPerson@lemmy.zip
        5 months ago

        I tried it and just couldn’t get on board with it. Severely lacking in features that I use often. Would have been my preference but it came up short.

      • OhVenus_Baby@lemmy.ml
        5 months ago

        Look, I love fully offline concepts just as much as the next person. But what Bitwarden offers me that those other solutions don’t, is to offload some of the mental load long-term. I like privacy but some things are exhausting. Pick and choose your battles.

        Less hands-on maintenance and mental overhead to keep things synced and all services / files up to date. We Bitwarden users have other stuff to do. Different priorities.

        This is one of the things I decided to keep to the people who do this far more and deeper than I ever could. Their job. Their liability.

        All my accounts are encrypted, cloud accessible, or offline accessible. Protected by a giant hash of a master password. It allows me to feel safe and provides the convenience of copy and pasting insane credentials needed in today’s times. Hassle free. Great features. The end.

        *Potentially even under a free account if you choose.

  • Pearl@lemmy.ml
    5 months ago

    Doesn’t KeePass support passkeys?

    As you can see from the thread, this question is divided amongst the cult of “sensible privacy is a thing provided you’re not a criminal” to the cult of “everybody’s on a FEMA/🧊 spreadsheet and they’re working their way down”.

    I’d say make sure you use a separate password for Proton Pass, it’s an advanced option. You are far more likely to get hacked for your money and a password manager goes 97% of the way to defeating those attacks.

    Don’t take your eye off the ball. The real threats to your wallet have always been the shareholders.

  • NarrativeBear@lemmy.world
    5 months ago

    I know it’s not your question, but have you checked out Bitwarden or the alternative self-hosted Vaultwarden? Bitwarden supports passkeys and vault syncing, and if you are offline you can still access your vault.

    https://bitwarden.com/passwordless-passkeys/

    Bitwarden also released an AIO self-hosted Docker image, but last I checked it’s still not in “official release” status.