User Tools

Site Tools


pwm

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
pwm [2026/05/23 17:19] – [For advanced users] particlespwm [2026/05/26 02:43] (current) – [Awkward password managers] particles
Line 40: Line 40:
  
   - LastPass. LastPass has had corporate data breaches and security vulnerabilities that warrant not using it, probably at all.   - LastPass. LastPass has had corporate data breaches and security vulnerabilities that warrant not using it, probably at all.
-  - Bitwarden. Bitwarden should not be as bad as it is, but there are routinely security vulnerabilities in this product. If you self-host Bitwarden or Vaultwarden and don't expose to the internet, your risk decreases dramatically because it turns into an offline password manager, but doing these activities requires some work. Vaultwarden also doesn't support Passkeys, which means you're stuck using passwords. I consider this quite bad.+  - Bitwarden. Bitwarden should not be as bad as it is, but there are routinely security vulnerabilities in this product. If you self-host Bitwarden or Vaultwarden and don't expose to the internet, your risk decreases dramatically because it turns into an offline password manager, but doing these activities requires some work. <del>Vaultwarden also doesn't support Passkeys</del>((I have been assured that Vaultwarden supports passkeys. If you read this and still use it and find it doesn't, please email me.)), which means you're stuck using passwords. I consider this quite bad
 +    - [[https://マリウス.com/i-do-not-recommend-bitwarden/|マリウス also does not reccommend Bitwarden]] (even when self-hosting). 
 +    - See [[https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/|Bitwarden design flaw: Server side iterations]].
pwm.1779524377.txt.gz · Last modified: by particles