Bitwarden introduced a non-free dependency to their clients. The Bitwarden CTO tried to frame this as a bug but his explanation does not really make it any less concerning.

Perhaps it is time for alternative Bitwarden-compatible clients. An open source client that’s not based on Electron would be nice. Or move to something else entirely? Are there any other client-server open source password managers?

  • CommanderShepard@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    ·
    edit-2
    9 days ago

    Bitwarden is a very convenient password manager for an average computer user. It’s very straightforward and easy to use.

    I can see some bias here of the people who say “o, just use KeePass and sync the database over some cloud provider”. What if there are conflicts? How do they deal with them? I can figure it our but most people I know, won’t.

    Even the password manager concept is a complicated concept to grasp for many people (that I know). And I can recommend them Bitwarden because it’s relatively easy, but KeePass with sync? Maybe, if I commit to actively help them with it.

    P.S. I’ve convinced several people to try out Linux, and they are willing to learn it, but even if they just need to use a browser, they struggle sometimes. I can’t imagine them syncing the KeePass database.

  • TrippyHippyDan@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    10 days ago

    This plus the syncthing announcement about the Android client ending support is a bad day indeed. I was just thinking about self hosting instead of KeePass + SyncThing now it’s back to the drawing board once it stops working 😵‍💫

    • ShortN0te@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      9 days ago

      The syncthing fork on f-droid is still an option. An issue has been opened on the github repo. Lets see what will happen with the fork

      • TrippyHippyDan@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 days ago

        I do have it installed through F-Droid. I thought I read that they weren’t really going to be focusing on it at all, so updates may just die out.

        Brings the little hope that my current situation won’t die!

        I don’t know enough about Java directly to contribute anything useful, sadly.

  • just_another_person@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    8
    ·
    10 days ago

    BitWarden already has lots of clients. There’s also VaultWarden for the server if you want.

    This is being blown a bit out of proportion though. All they are saying is the official SDK may have some non-free components going forward. So what? It’s a private company, they can do what they want. Or the community can just fork it and move forward with a free one if they want, but it’s just not going to be in the official BitWarden clients. Hardly news or a big deal.

    • 486@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      10 days ago

      BitWarden already has lots of clients.

      Does it? I’d be very much interested to know. I’ve been looking for other clients before, because I didn’t like the sluggishness of the Electron client, but couldn’t find any usable clients at all. There are some projects on Github, none of which seemed to be in a usable state. Perhaps I have been missing something.

      This is being blown a bit out of proportion though. All they are saying is the official SDK may have some non-free components going forward. So what? It’s a private company, they can do what they want. Or the community can just fork it and move forward with a free one if they want, but it’s just not going to be in the official BitWarden clients. Hardly news or a big deal.

      Nobody said that they can’t do that (although people rightfully questioned that their changes are indeed comatible with the GPLv3). I very much disagree that this isn’t a big deal, though.