For context, in my password manager I had tried formatting some of my entrees so that it would contain the usual username and password, but instead of creating whole new entrees for the security questions for the same account, I just added additional fields in the same entree in order to keep things a little more tidy.
I was not expecting that doing so would result in later being shaken down by Proton to pay even more money just to access the same few bytes of fucking text I had trusted them with. This is sleazy as fuck and I am dropping these idiots entirely.
Download BitWarden and be done with it.
If you can, just self-host vault warden (compatible with bit warden and supported). Gets your data out of the cloud entirely.
I’m with you, but the hosted subscription is miles more secure than I can make my installation, and at $10 per year probably cheaper than the electricity to self host. Plus it supports the devs.
But I do make regular backups in case I need to migrate.
I think their prices have increased, but it’s still a good deal
Giving money to yanks though
KeepassXC and syncthing, free and easy
What is your backup process like? Still haven’t figured this one out. Not sure if it makes sense to export encrypted where I can only access My vault with the same account, or unencrypted but then leaving it open and exposed somewhere or in multiple places.
Unencrypted, and it stays local.
Your first point is debatable. You still have to trust them to be that secure, and you can’t verify that. If they are ever breached, it’s literally the worst case scenario. You can self-host their solution, but only in the enterprise tier (6$ per user per month). Also BitWarden is a target woth attacking, I am not. BitWarden hosts thousands of instances worthy of being attacked individually. A personal VaultWarden instance of “Mike and Molly Peterson” isn’t exactly an attractive target. I do think they are pretty secure, but a single mistake with these stakes can have immense consequences. LastPass was also breached repeatedly, with a similar buiseness model.
The second point about electricity wouldn’t be true in my particular case, as the server for self-hosting it is running anyway. Running VaultWarden or not doesn’t change the power usage noticably. Obviously this is different for someone who doesn’t just have a server at home running anyway.
Side note: I’m not actually running a personal VaultWarden instance, as my personal requirements are being met just fine with KeePass files. We do run an instance at work, but it isn’t world-accessible (internal access only).
Why are you suggesting self hosting vaultwarden instead of self hosting bitwarden?
Bitwarden disables some features if you self host, even if you pay the $15/year.
Self hosting BitWarden still means it’s accessbile for them and/or from them.
You also have no way to audit their security from what I understand. VaultWarden is FOSS, if you want to, you can go check. And it does get checked by people with the competence to check this do every now and then.[Edit: I forgot that BitWarden is actually souce-available as well, while not being FOSS that’s still better than most solutions]. I just prefer full FOSS whenever possible. I prefer it not be a black bos I just happen to run on my own server.If you self host VaultWarden, the instance can just be not accessible from the internet, and only from behing a VPN. Obviously this is inherently much safer. If that’s possible with the self-host option I don’t know, but even just for licensing the local instance will have to be able to reach their servers (possibly be reachable from their servers, too). I did see they got an “offline deployment” option for air-gapped servers, but haven’t looked into what limitations that entails.
Additionally, you’re still within their licensing model. So for certain features you need to have a not-free account (like even just more than 2 people).
And like others said, VaultWarden is much lighter on resources in general and you aren’t limited in what you can and can’t do (users, collecitons, auth-options, …).
Keepass is tried and true, I’m going back to Keepass.
Welcome back 👍
Bitwarden doesn’t do any of the stuff that makes proton pass extremely usable. You can’t easily manage logins and create them on the fly with custom emails in bit/vaultwarden. That is by far the most valuable feature of proton pass IMO, the seamless integration with simplelogin is just so damn convenient.
Bitwarden has an integration with simplelogin too. Enter an api key and it can generate random aliases on the fly.
Where? I can’t seem to find that option anywhere in my bitwarden app
Edit: NVM found it, it’s just hidden by several clicks before it’s an option.
KeepassXC + Syncthing has worked fine for me for a few years. Sure, it’s a bit of a hassle and not exactly perfect, but nothing is. I have control over my data and I don’t have to pay anyone anything, that’s enough for me.
Also, tasty entrees 🤤
Hassle? What hassle? Adding a new device to the syncthing swarm and adding the folder where your database is stored?
I also have been using KeepassXC and syncthing for years. Best thing I have ever done!
I use a VPN and even if I allow local wifi sharing it messes with syncthing’s connections. It’s not a perfect system.
This is the route I’m taking. Keepass has always been tried and true. I switched from Keepass to Proton Pass for a while, and in more ways than this one complaint it has been very much a downgrade.
Proton does not know how to make quality software.
I tried protonmail not for the privacy purpose but just to have a normal web email client.
After wasting an hour before finding out you can’t disable the “sent from protonmail” footer without manually deleting it in each draft you make, I said screw it and deployed my own email server with stalwart lol.
It’s receive only because outgoing SMTP is a pain to make reliable these days and my ISP blocks outgoing SMTP anyway, but for everything else I now use Thunderbird.
deleted by creator
IIRC free users don’t have that option.
deleted by creator
Yeah I wanted to complain about it, but when the service is free I don’t have any right to. I will say that I upgraded to paid and still ran into a limitation. On Gmail, I use the Snooze and Schedule Send options a lot. In Gmail I have scheduled financial reminders for literally years in the future. Proton only lets you schedule 90 days into the future, that’s it. I gotta wonder about the logic of that. At the very least, let me schedule messages until the end of my subscription.
Yeah I’m on free tier(evaluating proton as a whole) and I don’t see this option in my mobile app. I’ll have to look at the web to see if it’s there…but I doubt it
*Edit, checked the web client. Found the option, but it’s a mail plus feature, so I can’t disable it as a free user.
deleted by creator
Bitwarden offers this feature for free using custom fields, although 2FA is paid unless you self-host IIRC
Vaultwarden is a great self hosted bitwarden clone
I haven’t personally hosted it myself but I’ve heard it’s pretty good, also worth vouching for KeePass based on my time with it
Howdy. For the clarity of users such as myself, can you please clarify which “Proton” you’re referring to.
Bummer.
Eh. I am very happy with thwir service, but I didn’t opt for the free tier. It has replaced my old VPN service provider, 1Password, google’s 2FA, Google Drive, and the office suite is useful.
Since i was paying for other services that offered no privacy, switching to a single paid service with privacy ended up saving me money, so no complaints.
I too am happy. i migrated from Firefox password manager, google mail, Cisco duo (kill it with fire please for the love of Turing and Tesla), and several other services. the only thing they don’t have that I really want at the moment is collaborative document editing but I’m pretty sure that’s on the docket of “things to add”.
Bitwarden ! Host it yourself.
Vaultwarden 😎
Will host that myself eventually, but a little scared by hardware prices. All I have is a desktop PC with a 700W PSU, probably unsuitable as a home lab.
I’ve been homelabbing for a couple years now, and it’s still just a desktop PC with a 450W PSU, it even has a Jellyfin server with some light transcoding. I’d highly recommend trying out a server you don’t mind breaking and play around, you’d be surprised what you can do!
Pretty sure the warning signs were apparent when the CEO submitted to Trump. it just his “personal beliefs” and not representative of the company. Right.
The CEO was lobbying for online privacy by publicly shaming the Democrats. He was doing his job.
Wait the Democrats respond to public shaming? At this point I thought they got off on it. He was doing his job but, he was kissing fascist ass just like Google, Microsoft, and Apple have not lobbying for privacy.
Why is it that just doing their job excuse or just following orders tends to be associated with questionable actions as opposed to positive ones? It’s starting to seem like a red flag if those two phrases get used for an action.
He made a mean tweet about the Democrats, it’s not like he loaded bullets into ICE guns.
Complimentary remarks to Republicans depicting them as a party open to being privacy respecting and respect for the rule of law. Took the Joe Rogan hand book of trying to sane wash the Republicans and downplay concerns regarding them while trying to come off as moderate.
And it aged terribly. Someone who went to Harvard and spent significant time in the US wasn’t blind to what those way less educated than him saw when it came to the direction the US was headed towards before Trump officially took office.
He was rightfully criticized because Trump never hid his intentions during the election, so people were not impressed by the pandering like all the current tech bros part of the Trump inner circle.
Am I the only one that read the situation as he could only get GOP folks to be receptive that day? Like if it would have been dems it would have been the other way around. My wife went to DC to lobby for an issue and tried both parties. It’s a thing they do. He never specifically said he actually preferred one over the other, just that he got the response. I’m more interested in what the specific lobbying effort was. I am suspicious of them only because they are lobbying in US in the first place and because I’m suspicious of everything at this point. There was no damning info in the reporting on this issue.
Yeah, I tried to be charitable and assume they were just ignorant of how bad Trump is. I should have known better.
What tier do you pay for now? Did you ever downgrade your tier?
I am on Proton Plus, $4.99 per month, which I now see does not appear to extend to Pass benefits. I’ve switched password managers already, and am going to be moving everything else over to other apps and services and cancelling my Proton accounts entirely.
That’s fair, if something doesn’t work for you move on. I’m pretty happy with proton for now. Eventually I’ll try self hosting.
I don’t think that’s where entrees go.
Hypothetically it should have. Those were additional fields that I added to the main account login entree, in order to keep all the relevant data in one place.
Strange, I keep my entrees covered in the fridge and take them out about one hour before guests show up.
??? I use Proton mail and I never saw something like this. Account with nick, other mail, password and go.
It’s in Proton Pass. When you create an account entree, there is an option to create additional fields that you can name and fill out, kind of like multiple notes in one file. Somehow I was able to create those fields on my account just fine, but then to be given access to that data it turned out that I had to upgrade my account. In other words they duped me into entering data at no extra cost, but then charged me to access that same data later on.
That’s scummy as fuck.
I guarantee they do that on purpose just like all other scams that make you invest your time before telling you you need to pay.
I don’t use it. Mail is fine, I don’t need other than this. For all other apps, there are tons of FOSS alternatives out there.
Bitwarden FTW
But I don’t understand, were you already a premium member when you were prompted to pay more?
I had to look into it again because their pricing models are weird and confusing. My current plan is something called Proton Plus, $4.99 per month, and evidently the benefits do not extend to Pass.
Oh yeah, this is a very annoying pricing model. Proportionally very expensive for each individual part/product, but then a proportionally lower price for the whole thing. But in absolute amounts, more money was payed.
The closest example I can think of is fast food cup sizes.
What they want is for you to think “Hmm I need a VPN and an email, but it’s cheaper to just buy the whole unlimited package”
Have you considered upgrading to Proton Lux™?
Because a bunch of dementia patients started leaving 1 star review as they kept on forgetting their passwords
Answer for all
“yourmom”
That’s crazy it’s basically ransomware















