New
#1
Which way to go with Bitwarden?
The browser extension?
Or their desktop app?
Thanks
~
Windows 10 Pro 22H2
Which way to go with Bitwarden?
-
-
New #2
Neither.
Extensions will thieve your data left and right. Never trust extensions. Plus, the hack vector is there because extensions now-a-days are coded in crap code rather than the old tried and true XUL.
You don't need the desktop App. I just go to bitwarden.com, enter username, password and 2FA and on my way... I also use Keepass so that is one way I generate my 2FA with the Keepass OTP plug-in. Or I use the Aegis App on my phone for 2FA.
-
New #3
-
New #4
I have to disagree, I have been using the Bitwarden Firefox extension since it's inception , it is probably one of THE BEST password managers around. I don't think I would ever use anything else. Unlike Lastpass and a few others , there has never been a security issue with the extension or app itself or anything where I have to worry about any of my information or passwords being compromised.
The free version works fine but do yourself a favor, spend the $10 a year, get the premium version, set yourself a strong password and enable the 2FA option, you'll be fine.
If you'd rather not use the browser extension then like F22 Simpilot advised , just go the bitwarden.com route but if you do I would highly advise enabling their newly added passkey option for added security.
-
New #5
Been using the browser extension for both Firefox and Edge for years without any issues, and the desktop app has not even been installed.
-
New #6
I use Bitwarden, I also pay for it. I also use Keepass as a backup. The KeepassOTP plug-in is one of three ways I roll 2FA. The others are the Aegis App and the Keepass2Android App.
The problem with extensions is that they are a hack vector. Especially how things are coded now-days with crap Web Extension code. The old tried and true XUL code was far more superior.
While the extension is nice, just know you open a possible hack door. But do as you will, I don't care about other people's personal l beliefs... I'm just another person behind your WAN with a TTL of 2600...
Believe me when I tell you I've been a FOSS Chad since circa 51 B.C...
-
New #7
-
New #8
I agree , passwords can be had but when you factor in 2FA using cell phone notification, Yubi Key or a passkey, you're not getting too far even if you get the password. You would need physical access to the machine you were trying to hack.
Even so , Bitwarden is a zero knowledge app , they do warn you that if you lose your password it's on you . But even if you could hack or had access my password is a sting of 52 characters and THAT password is kept on another device in a non conspicuous area and is encrypted, the amount of time it would take to crack that password I can have it changed millions of times over.
And EVEN IF you did get in .... you'd probably be pretty dissapointed in what you'd find for all your efforts ...
-
-
New #9
i use a password manager extension , BUT , i also use this method (double blind passwords)
Password Manager HACK that eliminates the risk of a master password! - YouTube
so i only have to remember my master password and then another passphrase or whatever
so even if password manager is compromised , it doesn't hold the full password for any site stored
Quote
Related Discussions
