I do both, self-host vaultwarden for a non-profit and have Bitwarden premium for personal use. Vaultwarden offers those for free if you so wish, but there are no restrictions to self hosting Bitwarden.īitwarden has worked absolutely perfectly for me until now, their clients work just fine and it's the password manager I always suggest to people around me. If a file is not organized under the /bitwarden_license directory, the AGPL 3.0 license applies." All source files under the /bitwarden_license directory at the root of the server repository are subject to the Bitwarden License. These directories are not only used for logical code organization, but also to clearly distinguish the license that a given source file falls under. > "In the case of the Bitwarden server repository, the files are organized into various directories. > "Each Bitwarden repository contains a LICENSE.txt file that spells out which license applies to the code in that repository." > "In your GitHub repositories, how can I determine what license applies to a given software program?" The part of the code that's under the Bitwarden license which you have to pay for is SSO, SCIM and I think FIDO2 authentication as they use some Azure tools for all of these and as such they can't run on premises The server is basically only a dump pipe since encryption is done client side so there's no need to use the official one.Īlso Bitwarden's software has multiple licenses, one of them being AGPL for the server and one of them being GPL for the client. Vaultwarden is under the GPL, which is probably the software you are going to run anyway since it's lighter. But I haven't really tried to break it yet. When saving it seems to synchronize with the remote file first before uploading the file, so even if I change entries on both devices the copy on my server shouldn't lose any entries. On my Android phone I use Keepass2Android and it's built-in SFTP support to open the remote database (and also keep a local offline-copy). I suppose this might be problematic if multiple devices try to change the remote file at the same time but that's nothing I have to worry about and other solutions like using Dropbox or other cloud storage solutions would run into some sort of problem as well (but at least you might be given the choice of which version to keep). Then it runs the sync action against the freshly downloaded database and afterwards the trigger calls my script again and instructs it to upload the database to my server. As a second step the trigger calls my script which downloads the database from my server. As a first step it disables itself, as a last step it enables itself again. The trigger runs when the local database is being saved. I use the trigger system to sync my local database with a copy on my server via the help of a shell script (because I couldn't get the SFTP / scp plugins to work properly). I would have given KeePassXC a chance but it lacks the trigger system or a simpler alternative. Personally I use the official KeePass 2 executable via Mono on my desktop. Apologizing won't fix the fact you can get remotely locked from the passwords and TOTPs at a pressing moment. Password manager services are almost like bank storages but on the internet. Expect Spearrin to appear on HN and bring "personal" apology for the hiccup. Having this in mind, is there a viable alternative? But my trust to Bitwarden as a reliable service is completely ruined. I'm lucky enough to have the offline access to the storage. Given that I'm a paying customer, I'm a little bit offended by it.įor a secret management company that secured $100 mil recently, it's a clear mark that the enterprise service train is on the way. The funniest stuff, though, is that the company's damage control is to remove the comments and suspend feedback from it's community forum. Just cannot log into my account and verify a transaction because I'm stupid enough to trust them with my TOTPs and storing temp verification passwords. This is what happened to me like 30 minutes ago or so. So, as soon as you have an internet connection - you get blocked. What I learned about it, is that they can remotely disable your browser extension which is assumed to work in offline mode. Bitwarden is experiencing an outage right now.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |