Bitwarden or Proton Pass

What are y’all’s thoughts on this? :thinking:

Proton Pass if you pay for Proton Unlimited. Otherwise, Bitwarden.

Don’t put all your eggs in the same basket.

6 Likes

Hands down Bitwarden. I haven’t used Proton Pass much, but Bitwarden would definitely be my first choice. They have been around for a long time now and are excellent for security in the cloud password manager space. Their support is also good.
Their free plan includes unlimited passwords and YubiKey support, which is the most a free password manager is offering in the market.

2 Likes

Proton Pass is a lot more user-friendly, much easier to sort passwords and a really nice much better working integration with SimpleLogin for random alias username email addresses.

Proton Pass however does not allow you to set up a legacy plan like Bitwarden has in case of death or emergency. Proton really should introduce that option.

Proton does not have support for biometrics authentication on desktop, so you will rely on a pin in your browser or no authentication at all.

Neither has fully launched passkey syncing support, but it seems that Bitwarden is further in the works on this, so that is something to consider.

6 Likes

sign
Tested also Proton but in the end it’s all about the many small differences that make Bitwarden

2 Likes

I would never trust any cloud service with this kind of data, regardless of whatever encryption or other methods they would use. So, Bitwarden as long as you’re self-hosting.

1 Like

Why? Can you go more in detail?

How is self-hosting gonna make it more “secure” according to you? If you don’t trust cloud, it doesn’t matter where and how you host it.
I am not sure what people are worried about, as everything is zero-knowledge encrypted.
Also, Bitwarden’s code is open source; you can compile the app yourself. Using their cloud service would be much better than hosting yourself unless you are a business.

7 Likes

According to this website, the Bitwarden agreement you make when you say “I agree” states that you agree they can:

You are tracked via web beacons, tracking pixels, browser fingerprinting, and/or device fingerprinting

No info on Proton Pass, but they do show what we agree for with ProtonVPN, which I assume is similar.

3 Likes

I agree with you, I guess the main benefit would be getting the premium features (like TOTP 2FA and emergency contact/dead-man’s switch) for free.

1 Like

Is this website providing legit information?

When you are self-hosting, you assume the daunting task of protecting your data. Still, you are dependent on the same encryption methods provided by Bitwarden or Proton, unless you are devising your own cryptography.

Indeed. It is also annoying that Proton Pass does not have an option to lock itself on browser restart, unlike Bitwarden. So, you have to enter your pin like every hour.

It depends on the apps and services, there might be missing information for some apps. Keep in mind that the review is based on the Terms of Service, not the underlying technology of the apps.

For instance, Telegram has a score of C, while WhatsApp is given D. If I had to choose between the two, I would opt for WhatsApp, since Telegram does not have E2EE for group messages and individuals (by default). Therefore,

As with everything we research, we rely on the many to inform us of scams.

The website claims that they read those legal agreements that we all sign when we use someone’s “free” software or websites, then they parse out the good and bad in what we have agreed to. It is a window into how they claim to use our information.

It’s community run, so take things with a grain of salt and see what is actually going on. It can possibly help you to understand things but I would just read the actual policy instead. The TOSDR project tries to reduce complexity but I am not sure that it really does. This specific line was copied from the privacy policy section in the part about the website, not about the product itself. The marketing website of Bitwarden surely leaves things to be desired, but this isn’t part of the policy for the product itself. Take that for what you will.

5 Likes

Sure. While I trust the math behind encryption in general, you still rely on the cloud service to almost never make mistakes. Sometimes mistakes happen: #1, #2, #3, #4. Now, some services definitely are better than others making it less likely for a single mistake in isolation to actually lead to compromise of any interest data. I just like to have another step here, call it defense in depth if you will: hosting the data on my own infrastructure.

Regarding open source: Yes, it is. Otherwise I wouldn’t consider it in the first place. Regarding their cloud service: I haven’t said that “I don’t trust cloud” and I also haven’t said anything about the “zero-knowledge encrypted” state of the data in my initial comment. I simply stated my preference. You have not really made it clear why their cloud service is better “unless you are a business”. There are definitely downsides to hosting things yourself, including a password management solution. But I think that it’s a bit too much of a blanket statement to say that individuals cannot and should never host things themselves. Especially if I’m not specifically targeted for being a PEP or similar, then self-hosting can work fine.

However, while I do incidentally actually self-host Bitwarden, my initial comment also was only an answer to the question “Bitwarden or Proton Pass?” from the OP. If we’re generally talking about password management, I would recommend KeePassXC to most people. It’s fine though if you use something different, all is better than using the same password everywhere.

3 Likes

I’m thinking of switching to Proton Pass if there’s a sale for Cyber Monday/Black Friday soon for usability and UX, but I had a question for more technically inclined users.

Is there a tangible difference in the security or reliability of Proton and Bitwarden’s encryption and data protection protocols? Is there a substantial enough difference to warrant using one over the other for an average user?

I’ve read through documentation for both services, but when it comes to encryption protocols and diagrams, I start having trouble following along. I’d appreciate some clarity from someone here on this :slight_smile:

1 Like

I don’t know if my MacBook is the problem, but Proton Pass has been pretty bad in my experience. For over a month it didn’t work on the Mac; passwords wouldn’t open. I downloaded the iPad app to it, and it wouldn’t save entries there either.

These issues got fixed and it worked until about a couple of weeks ago. Now Proton Pass doesn’t work on Safari. When it tries to enter the password, the Proton Pass text box goes all black and it can’t be closed. I have to force quit Safari and start all over again.

Plus, I go to a client site that somehow has a firewall on ProtonMail/Pass, so I can’t open it there. They have put firewalls around VPNs as well, so haven’t been able to get around it yet.

IMHO, Proton Pass is really a half baked product. I love Proton Mail, but can’t recommend Proton Pass. I moved over from 1Password, and really regret it.

Many products of Proton feel this way, especially if you use them cross-platform (e.g. on Linux). They really should focus on doing a few things, but these properly, not developing something new again and again, which no one asked for and for which there are better alternatives out there anyway.

9 Likes

Couldn’t agree more. My Proton disappointments (have been moved to a new thread).

3 Likes

As for the original question of this post, I have not used Proton Pass personally, and have not used Bitwarden recently.

Regardless, I would recommend you use the best tool for you personally. If you find Bitwarden nicer to use than Proton Pass, or the reverse, then use what works for you.

But more generally, I have to agree with this:

You should really use the best service for each one of your singular needs, and not use the same one for everything.

While Proton’s (still developing) ecosystem is nice, you should really evaluate Proton Mail, Calendar, Drive, Pass, and VPN as separate products. It’s fine to use them all, if they’re genuinely the best options for you (and they are pretty good).

But, if Bitwarden works better for you, or Mullvad works better for you, etc., then you should use them. Using the whole ecosystem is not required, and not really recommended (if it makes sense for your use case to use other products), since you’ll be relying on them for a lot of your stuff.


My personal setup (has been moved to a new thread).

1 Like