Exists a trustworthy free alternative to Bitwarden password manager?

abishekh_kc

abishekh_kc

Novice
The Bitwarden password manager has received positive reviews and ratings, which impresses me. A free password manager with a good reputation is what I'm looking for. The only issue I had with Bitwarden's free plan was that one-time passwords couldn't be added.

Do you have any recommendations for me?
 
Just my 2 cents, better to have them seperated rather than all details in one app.
Security wise and reliability wise too.
My recommendation is to use Aegis as it has export, and also save data while using Google backup too.
 
Well password manager are tough to break, and are protected by 2FA. Its always good to have another step of verification as if you password get leaked, 2FA can stop it breaking in further
 
I currently use Authy and the free version of Bitwarden. I did some research on Aegis. However, it appears that Authy is more well-liked and has millions of downloads on app stores. It is a strong rival to the enormous Google authenticator. There was no export function in Authy.
coconutchairjasmine said:
Just my 2 cents, better to have them seperated rather than all details in one app.
Security wise and reliability wise too.
My recommendation is to use Aegis as it has export, and also save data while using Google backup too.
Click to expand...

lockhrt999 said:
What's the point of having 2-step verification if you are saving all the secrets in one place?
Click to expand...
On Reddit, a lot of people agree that keeping passwords and 2FA separate is preferable. Where should I then save my 2FA backup codes afterwards?
 
abishekh_kc said:
On Reddit, a lot of people agree that keeping passwords and 2FA separate is preferable. Where should I then save my 2FA backup codes afterwards?
Click to expand...
Authy + free bitwarden is the best combination I know and use. You may keep 2FA codes in an excel file. And encrypt the excel file using 7z or winrar. And keep the zip file in a cloud storage.

Anyway, Authy is in good hands. I don't think the owner company of authy would go down anytime soon. It's very well paid from the corporate world. Authy is their side product. I would be more worried if authy was to be run by google. Secondly, if tomorrow authy server goes down, the android and windows app can still function offline (talking about the current versions).
 
abishekh_kc said:
I currently use Authy and the free version of Bitwarden. I did some research on Aegis. However, it appears that Authy is more well-liked and has millions of downloads on app stores. It is a strong rival to the enormous Google authenticator. There was no export function in Authy.
Click to expand...
Sorry to say but authy is the worst you can have. Might not be big deal but:
- authy is closed source, so way of saying what extra services or more paid or ads they might add to restrict you later.
- rather than using number of downloads on Play Store as a factor, look for recommendations on privacy or security subreddits or websites.
- Aegis is totally open source, very friendly as it allows exports even secure one. Authy is like Google auth, tries to keep you captured in their ecosystem.
- Aegis has no sync as it doesn't use internet or any networking as it should be. But it does allow google backup integration, you can automatically restore once you uninstall or like more phones.

lockhrt999 said:
Authy + free bitwarden is the best combination I know and use. You may keep 2FA codes in an excel file. And encrypt the excel file using 7z or winrar. And keep the zip file in a cloud storage.

Anyway, Authy is in good hands. I don't think the owner company of authy would go down anytime soon. It's very well paid from the corporate world. Authy is their side product. I would be more worried if authy was to be run by google. Secondly, if tomorrow authy server goes down, the android and windows app can still function offline (talking about the current versions).
Click to expand...
Just a counter argument.

2FA(TOTP) layer is designed to be offline. Adding sync or having servers to handle things kinda defeats the purpose of it being offline. Only good side i would say is syncing, but you can also just export and add it to you another device.
 
coconutchairjasmine said:
2FA(TOTP) layer is designed to be offline. Adding sync or having servers to handle things kinda defeats the purpose of it being offline. Only good side i would say is syncing, but you can also just export and add it to you another device.
Click to expand...
It's not designed to be offline. But it was once recommended as such by Google which was not at all smart. Everyone who has ever user google authenticator app has suffered devastating consequences. It works offline only as there's no sync or backup. So if you change your phone you are f'd. Instead of correcting their mistake with the authenticator, Google, removed TOTP as a default 2FA option for all google products and instead made SMS or android notification authentication defaults. Google can be stupid sometimes.
 
Offtopic. But today first time, a couple of my attachments have gone missing from LastPass, been like 5+ days and no response.
We will have to switch to an alternative soon, if no solutions
 
Futureized said:
Offtopic. But today first time, a couple of my attachments have gone missing from LastPass, been like 5+ days and no response.
We will have to switch to an alternative soon if no solutions
Click to expand...
I've forgotten my old LastPass account master password. I wasn't saved my recovery key anywhere. When I contacted the support team they told me that they couldn't help me to recover. Because they don't have access to the master password.

Then I switched to Myki, then after a few years, I moved on to Enpass. Finally, I switched to Bitwarden last month.
 
abishekh_kc said:
I've forgotten my old LastPass account master password. I wasn't saved my recovery key anywhere. When I contacted the support team they told me that they couldn't help me to recover. Because they don't have access to the master password.

Then I switched to Myki, then after a few years, I moved on to Enpass. Finally, I switched to Bitwarden last month.
Click to expand...
They have improved a lot recently (the last few months at least)
SMS OTP/master email and a few other options ease your life now.
 
abishekh_kc said:
The Bitwarden password manager has received positive reviews and ratings, which impresses me. A free password manager with a good reputation is what I'm looking for. The only issue I had with Bitwarden's free plan was that one-time passwords couldn't be added.

Do you have any recommendations for me?
Click to expand...
I have carefully chosen bitwarden and ditched old lastpass just due to its crap policy of using only on a single device.
Bitwarden isnt nearly 100% efficient as LP yet does the job fine for me.
Futureized said:
Offtopic. But today first time, a couple of my attachments have gone missing from LastPass, been like 5+ days and no response.
We will have to switch to an alternative soon, if no solutions
Click to expand...
And I configured 2fa auth code sign-in for bitwarden and after phone format there was no way to reset/disable 2fa thing. Luckily on my pc and laptop had bitwarden configured in browser without any security so currently using it.
No way to reset 2fa thing. Only way is to backup existing data, delete a/c and recreate same a/c on same email id and restore the backup.
Yet to do so...
 
Back
Top