In the latest episode of “they will always sell you out” - they sold you out! Who would’ve thought.
Hoping for a good alternative client to appear, the writing is on the wall. Vaultwarden can’t exist without “leeching” off of Bitwarden.
For once ADHD preventing me from completing a migration is a boon, I guess I’ll move back to keepass
Ah shit. Here we go again!
Can anyone say “Enshittification”!
Enshitification coming right up!
Move to KeePassXC or its recent LLM-free fork while you still can, because at some point Bitwarden is going to try to go closed-source again.
Oh crap, how’s KeePass got an LLM involved‽ Time to look into this now…
I did find https://codeberg.org/ChiPass/ChiPass , but it looks like a very new project.
Once again, enshittification by the fucking suits.
Early on I decided to use only KeePass for full personal control instead of an online service. Didn’t regret making that decision.
Vaultwarden here I come
No, KeePass. Fully open source, no cloud involved in any way, unless you want something to sync your data (the server only ever sees your encrypted database - all encryption and decryption is done locally). You can also host your own sync server using any of a variety of different protocols.
Yep. Seconding this!
KeePass + Syncthing is the best.
Back up the database(s) regularly. (Syncthing can also retain
xnumber of versions and things like that, but also do your own 3-2-1 backups.)You can use something as simple as a Pi, or an old laptop, or even an old phone if you get creative, as an always-on syncthing server to keep them synchronized. KeePassXC even has a fancy integration with Firefox, so all you gotta do is unlock your database and click autofill on websites.
Yup, been doing this combo for 5-6 years now.
I use KeePassXC on desktop and KeePassDX on Android. No issues whatsoever.
I do have a NAS so that’s my “always on” device for Syncthing. Everything syncs up within like 10-15 seconds when a device connects.
I also use a key file as a pseudo 2FA that I keep on a flash drive, so you’d need my master password and my key file to unlock the database.
I use KeePass + KeeAnywhere. KeeAnywhere will sync with a wide variety of cloud storage providers. Or your own S3 data bucket server (can be self hosted or on Amazon), if you prefer. Does pretty much the same thing though with versioning. Auto filling in Firefox is done with KeePassHttp-connector on the Firefox side and the KeePassHTTP plugin in KeePass. Similar to what you describe.
Ok thanks for the heads up
Fuck
Glad I started using Vaultwarden a while back. Just need to find better apps for android and Firefox I guess because I’m guessing they’re going to try to break compatibility.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters IoT Internet of Things for device controllers NAS Network-Attached Storage SSH Secure Shell for remote terminal access VPN Virtual Private Network
4 acronyms in this thread; the most compressed thread commented on today has 20 acronyms.
[Thread #295 for this comm, first seen 16th May 2026, 03:30] [FAQ] [Full list] [Contact] [Source code]
Has Vaultwarden said anything yet? I imagine that, if necessary, given that bitwarden’s client is still open, at the point they choose to try and close it, we, the users, can fork it and establish it for vaultwarden, correct? Or, maybe even the vaultwarden team will think about forking it themselves and making a light client as well to pair with the current server.
But Vaultwarden can exist without “leeching” they just haven’t needed to yet. That’s more symbiotic than parasitic. The parasite class just took over Bitwarden after all.
Not to my knowledge. As far as forks go, that’s true. However, Vaultwarden would need to become an independent team, and even if they don’t take over maintaining the client, someone else would need to become independent. While it can work, it can also lead to very nasty, longstanding bugs or security issues due to scale, budget, and effort. I see this a lot with Apple apps for example - smaller developers understandably don’t want to deal with Apple’s crap and costs, and everyone suffers in the end.
If you look at the current state of the cybersecurity world, it’s not kind to open-source developers. AI-generated BS is dredging up vulnerabilities on all sides. So security is also a big concern. Someone like Bitwarden has a lot of budget to swing.
Vaultwarden itself is incredibly good, but not perfect:
You’re right. And that’s why more of us need to contribute and spread the word of projects to support them.
Honestly, FOSS is our last bastion against this consumerist hellscape. I’m working on learning to build my own discord-like front end on matrix specifically for gaming. But I’m just one guy. We’ve all gotta pick where we place our effort and support those around us similarly.
Vaultwarden taking over bitwarden, should they shut doen as open source, I think would be entirely worthy. But it might need more people to either help vaultwarden or maintain it on their own, you’re right.
To me, seeing and learning about all of these projects gives me hope. All of these people and communities working to build things out of passion and dedication, because they care and want to provide value to others. No profit motive necessary. We just need to be there to support them as we’ve tied capital to our survival currently.
What is your matrix front end called?
It doesn’t exist yet 😅 as I said, still learning and trying to avoid using AI as a lot of vibe coded discord clones popped up. I did compile a list (which probably needs updating)
https://github.com/DukePantarei/discord-alternatives-wishlist
True dat. The more people know every corporation, even the most “wholesome chungus Reddit karma 100” ones ONLY care about squeezing profits out of you, the better off we’re going to be in the future.
Check out and contribute to gomuks. It’s the go-to power user Matrix client as I’ve learned. I recently developed a theme for it to make it look more like Cinny, which itself is a bit of a Discord UI Clone. I don’t actually use gomuks, but it really needed a nice theme.
Anyone that doesn’t understand that companies exist to make profit needs to be studied at this point. You have to wonder how they even function in the world.
People don’t go work 9-5 for the fun of it and for free, do they? No, a company and/or customers pay them. Without that payment step there’s no job and there’s no product/service.
If you don’t think the company deserves your money, find another free service and use that until they start charging. Rinse and repeat - or just be an adult and pay for services and work that you like and use.
Hoping for another Moonlight/Sunshine moment! Already running Vaultwarden, rbw, and Keyguard. Just need a simple FOSS browser extension for autofill and editing entries.
For context, Moonlight was created first as a FOSS Nvidea gamestream client. Then Sunshine was created as a FOSS server implementation. Later, Nvidia dropped “official” support, now the two projects are a FOSS stack built atop a formerly proprietary protocol.
They responded on reddit and walked some of it back as an “oversight”: https://www.reddit.com/r/Bitwarden/comments/1tdvnh7/comment/olznwcv/. Allegedly, I’m too lazy to verify.
A change that would require intent to make is not a mistake or oversight.
This sucks. I committed to Bitwarden years ago and now am going to have to switch before they lock me in the garden.
They also haven’t addressed the removal of inclusion and transparency from their goals.
EDIT: They did. They said it’s “less of a priority”. The article I shared has been updated. I smell corporate bullshit though. “Oversight” this, “priority shift” that, they’d have to work hard to gain any trust back.
Jesus, I’m tired of switching password managers.
KeePassXC + KeePassDX is probably the best option, with the downside of no way to sync easily (syncthing is probably the best option there)
I might switch back at some point, been getting frustrated with the bitwarden extension performance always being so poor.
My first password manager was KeePassXC.
Hooked it up with Syncthing, and I’ve never had issues aside from the occasion database duplicate.
I use KeePass with KeeAnywhere. KeePass can natively sync over network share, FTP, or WebDav. With plugins, it can sync over SSH, FTPS, Amazon S3 compatible buckets (including open source compatible versions you host yourself), Azure, Box, Dropbox, Google Drive, OneDrive, and more.
Yeah the performance is what made me install the desktop app, but then it’s 1gb in size
Sync however you want. Syncthing, Nextcloud, Dropbox, Gdrive etc.
Syncthing is the way to leave Google Drive, etc.
I use Nextcloud myself, but if people don’t want to host a server or fuck with syncthing, they can sync it however they want as long as they use a strong enough master password/phrase (which they should be anyway.).
Rclone with any cloud provider is another great option that’s seldom mentioned. I posted my setup as a comment on another post. You may find it here - https://programming.dev/comment/23849767
Merge conflicts are a concern for KeePass, especially for those that don’t want to resolve them. Sync is difficult. AFAIK this is a very common issue with Syncthing setups.
Also, the portability from Bitwarden to KP leaves a bit to be desired, though that’s probably 90% on BW.
I’ve been using KeePass with Syncthing for 5+ years now and I think I’ve only had a sync issue once in all this time.
Granted I do make sure I only use the database on one device at a time (so not making edits on desktop and my phone at the same time) and I’m using XC and DX clients not the OG KeePass program.
I’m curious what is causing sync issues to make it “common”, I use my db every day.
I’m using Keepass2Android (and KeepassXC). It can copy the database from/to an sftp server, so it can easily merge the entries. I don’t have the sftp server exposed to the Internet, because when I’m not home, nobody will change the database at home.
KeePass isn’t going anywhere. They’re also dragging their feet on passkey support, so you might go with KeepassXC.
Their AI policy looks very reasonable, and they certainly aren’t vibe coding. Everything is rigorously reviewed and tested by a handful of experienced, competent humans.
Yeah, there was. It was forked because of that, actually: https://codeberg.org/ChiPass.
Link gives 404
404
They also don’t effectively allow collaboration though, which is my cheif reason for using a cloud hosted password manager.
What is “collaboration” in this context?
Sharing passwords between groups of people so everyone always has the up to date version. Not breaking the world if two people try to modify the same entry as some file syncing solutions do.
Hmm, interesting, though isn’t that a fault of the organization not having an account-linking system so that each person could have their own credentials but can still access the unified content? This workaround seems… flimsy, unless I’m not picturing a legit scenario in which no other method is as good, or something.
You know why most cloud based services charge money? For stuff like this, because it’s not free to implement and maintain.
Easy and fault-proof password sharing and syncing needs software and hardware to do. You either set it up and maintain it yourself, or pay for a product that does it - like Bitwarden.
Parallel creating, reading, updating, deleting password entries by multiple users.
Whoa, thanks. I had no idea this was a thing…
Sure they do. Multiple people can have a file open at the same time. I use it for exactly this every day at work.
With KeePassXC, that is. I don’t know if other flavors have different support. I use XC primarily for the browser extension.
And you can both modify the same things without causing horrible conflict issues? And you can share only parts of your vault with someone rather than having entirely different vaults you have to switch between? I’m assuming you mean putting the file somewhere like Google Drive, and you can access it offline even if you can’t edit it offline? For feature parity with Bitwarden, obviously ideally one could edit any time and it would resolve problems when it came back online if there were any but Bitwarden doesn’t allow this.
Yes, no conflicts. I don’t know if you can only share part of vault; I just created a separate one for a separate team.
I wouldn’t put it in Google Drive or anything like that. The separate sync logic will definitely cause conflicts.
I’m not worried about having access if I’m offline, because if I’m offline I’m not going to be able to log into anything anyway.
I guess a laptop, server, IoT device, or WiFi connection when your main device doesn’t have internet is out of scope for you?
Like fixing my laptop and not wanting to type the new password into my phone instead of copy/paste, sync when online?
And how are you sharing a file, to multiple people anywhere in the world realtime ish, without a cloud service you or someone else hosts? Doesn’t that necessitate some syncronization logic?It’s hosted on a local network share, so we don’t need Internet access.
If can’t copy paste, I just type it out.
We use a VPN to the office.
Two articles behind a paywall, one that won’t load, and another article that says the big problem with passkeys is…people are unfamiliar with them.
If anyone tells you that Passkeys are bad, they’re a liar. Way more safe than passwords, full stop.
Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.
Are you calling me a liar? That’s pretty weird; it’s not like I’m telling you to stick to passwords while I move to passkeys. With that said, though, get Bypass Paywalls Clean (Mozilla-only, as far as I know) and you’ll never see another paywall again. I forgot about having that.
Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.
The problem is that this is where it’s eventually going to lead to.
Not really, Vaultwarden/bitwa4den offer passkey support. When I log into a service a popup shows on my extension, I click it and I’m in. It’s not gonna lead to device locking if you don’t want to…
I just got Bit warden this year! Gah. Where are we jumping?
Full circle to sticky notes on monitor.
Vaultwarden
Maybe pay for one then?
I pay for bitwarden for the yubi key support and I’m also tired of switching.
Took me like 5 minutes to move back to KeepassXC.
i want to switch back to KeepassXC, but I very heavily use aliases in Proton Pass and can’t figure out a good way to still create those on the fly AND use Keepass as my default pass provider
Every company is basically evil at this point.
There is no ethical consumption under capitalism.
I think the rope they’re selling us might, one day soon, have a net positive impact.
Since Dodge v. Ford Motor Co (1919), if not earlier.
See also: https://reclaimdemocracy.org/corporate-accountability-history-corporations-us/
That’s troubling, I don’t like what this portends.
The new CEOs background especially suggests they’re spiffing up the company for a later sellout, why else would they pick a merger specialist for the role?
I think the original title was more helpful because it shows that this is a recent development. Maybe you can add “new CEO”?
Bitwarden scrubs ‘Always free’ and ‘Inclusion’ values from its website as longtime execs step down
In February, longtime CEO Michael Crandell moved to an advisory role, according to LinkedIn, with no announcement from the company. His replacement, Michael Sullivan, former CEO of both Acquia and Insightsoftware, touts his experience with “all facets of mergers and acquisitions” on his own LinkedIn page, including experience working with leading private equity firms.
CFO Stephen Morrison also left Bitwarden in April, replaced by former InVision CEO Michael Shenkman. Both Crandell and Morrison joined the company in 2019. Kyle Spearrin, who started Bitwarden as a fun hobby project in 2015, remains the company’s CTO.
You’re right, changed
