Bitwarden auto fill9/25/2023 Adding to this mix some public and private DNS entries pointing to an IP in a non-routable address space and a Let’s Encrypt certificate for those DNS entries, and the end result is a valid HTTPS endpoint that is reachable only on the private ZeroTier network (and my LAN). I haven’t experienced any routing trouble with this setup, unlike traditional VPNs. In practice, I can create, for example, a 192.168.128.0/24 network and authorize any of my devices to access this network and the other devices on it, as long as they have the ZeroTier One client installed. I tend to think of it as a lightweight hybrid between a VPN and a LAN connection. ZeroTier creates virtual, decentralized software defined networks. Since I didn’t want to expose my Bitwarden_RS instance to the public internet, and I didn’t want to deal with the hassle of VPN connections interfering with routing as they often tend to, I decided to put the server as well as all the clients (including my phone) on a ZeroTier network dedicated to Bitwarden. Since all Bitwarden clients have the ability to communicate with self-hosted servers (which, in my book, makes Bitwarden by far the number one modern password manager), I’m able to use the official apps mostly as intended by the developer, while keeping the data as private as it can reasonably get. Bitwarden_RS is a lean implementation of the Bitwarden server, written in Rust. I’m still not comfortable letting an informed third party store my password data, which is why I decided to host an instance of Bitwarden_RS at home instead of using Bitwarden’s own cloud hosting service. And besides, it does support offline read access to cached vault data, which should be good enough. I’ve since reconsidered my stance on that and decided that it’s not important enough of a feature to be a deal breaker for me. I’ve been aware of Bitwarden for some time, but I’ve shied away from seriously considering it because it didn’t – and still doesn’t – support modifying password information while offline. (Yes, these are mostly theoretical concerns, but I like to err on the side of paranoia when it comes to my passwords.) My reasoning is that, since the KeePass applications function offline and the syncing applications have no concept of what it is they’re syncing, it should be safe enough to avoid potentially unpleasant situations like the sync service knowing a little too much about the password database, or the password manager syncing to something I didn’t authorize. kdbx file across my devices, while using an offline KeePass-compatible Android app. Of course, I couldn’t realistically avoid things like automatic syncing of the password database, so I came up with my own solution of using Box.com to sync the. That has always made me just uncomfortable enough to avoid. While I have no concerns with the security of KeePass itself, the problem is, in order to have the more convenient features like automatic syncing, browser integration, and cross-platform compatibility, I’d have to use various third party tools, forks, implementations, or plugins. That said, I’ve been stuck in the past for a while now. They encourage the use of complex passwords that you don’t have to remember and that attackers are unlikely to brute-force they help to make credential stuffing attacks effectively obsolete and, these days, they speed up the login processes to various websites using browser extensions and mobile apps. I’ve been a fan of the idea of password managers for a long time. Taking a little break from my Meteorological meanderings posts, I wanted to share my experience in switching away from KeePass, which I have used since at least 2007, to Bitwarden, a much more modern open source password manager.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |