this post was submitted on 20 Oct 2024
372 points (95.1% liked)

Selfhosted

60093 readers
643 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
372
Concerns Raised Over Bitwarden Moving Further Away From Open-Source (www.phoronix.com)
submitted 2 years ago by 486@lemmy.world to c/selfhosted@lemmy.world
42 comments fedilink hide all child comments
 

Bitwarden introduced a non-free dependency to their clients. The Bitwarden CTO tried to frame this as a bug but his explanation does not really make it any less concerning.

Perhaps it is time for alternative Bitwarden-compatible clients. An open source client that's not based on Electron would be nice. Or move to something else entirely? Are there any other client-server open source password managers?

you are viewing a single comment's thread
view the rest of the comments
[–] just_another_person@lemmy.world 20 points 2 years ago (2 children)

BitWarden already has lots of clients. There's also VaultWarden for the server if you want.

This is being blown a bit out of proportion though. All they are saying is the official SDK may have some non-free components going forward. So what? It's a private company, they can do what they want. Or the community can just fork it and move forward with a free one if they want, but it's just not going to be in the official BitWarden clients. Hardly news or a big deal.

[–] thayerw@lemmy.ca 41 points 2 years ago (1 children)

I can only speak for myself, but I would never trust opaque, proprietary software to manage my credentials, especially in a networked environment. For me, that's a total showstopper.

I've never had need to use Bitwarden or Vaultwarden as I've always been happy with KeePass, but this news would definitely have me choosing an alternative.

[–] 486@lemmy.world 23 points 2 years ago* (last edited 2 years ago) (1 children)

BitWarden already has lots of clients.

Does it? I'd be very much interested to know. I've been looking for other clients before, because I didn't like the sluggishness of the Electron client, but couldn't find any usable clients at all. There are some projects on Github, none of which seemed to be in a usable state. Perhaps I have been missing something.

This is being blown a bit out of proportion though. All they are saying is the official SDK may have some non-free components going forward. So what? It’s a private company, they can do what they want. Or the community can just fork it and move forward with a free one if they want, but it’s just not going to be in the official BitWarden clients. Hardly news or a big deal.

Nobody said that they can't do that (although people rightfully questioned that their changes are indeed comatible with the GPLv3). I very much disagree that this isn't a big deal, though.

[–] MightyCuriosity@sh.itjust.works 1 points 2 years ago (2 children)

I use Keyguard on my phone. Loving it so far. Mostly focused on Android but also available for all major platforms.

[–] 486@lemmy.world 7 points 2 years ago

Thanks, I haven't seen that one before, but I'd really prefer an open source application.