Should I switch from 1Password to Bitwarden?

If you are paying for Proton Pass unlimited aliases are included :wink:
Anonaddy good solution, but it have limited bandwidth. Proton Pass - unlimited.

That’s the most interesting thing in BW

It is good too (fully open source) but Proton seems to be more reputable. But both good solutions

1 Like

Nowhere did I say that BW is bad; Its just different in so many ways…

True :slight_smile:

1 Like

Why do you have 10k passwords?!

I used both of them and I am sticking with 1Password. Yes, Bitwarden is cheaper than 1Password and it is open-source, but UI is much better on 1Password.

Other differences;

  • Autofill is better on 1Pass
  • Sharing something is much easier on 1Password
  • 1Password desktop app does everything. Bitwarden requires web vault to do many tasks.
  • Browser integration is better on 1Password.
  • Sync is instant on 1Password. Bitwarden still has delays, especially on Android.
  • 1Password has many categories. Bitwarden is limited to 4.
  • 1Password UI is much better. Just a quick example. If you change something, like editing one login item, 1Password app stays where you are, but Bitwarden refreshes the screen and goes to the beginning. It is driving me crazy.
  • 1Password has Apple Watch app.

Edit. 1Password is not open source, that is true. but they have bug bounty programs and frequent 3rd party audits. This makes them trustworthy in my eyes.

1 Like

Well, ok. Just small question: which company is this 3rd party one? Im assuming its company and not individual…

Audits done by Cure53, Secfault and Recurity

Closed source is not trustworthy at all. Even if there is extremely high quality of external audit, we cannot exclude human factor. It is better if everyone who wants can check code. If source closed how can you verify that there is no government backdoor that is prohibited to reveal by court

1 Like

You simply can not

+1

1 Like

That is why you have audits and certifications, right? Which human factor are you talking about?

Being open source doesn’t automatically mean that it is safe to use. You might have software engineering skills and maybe you can inspect the code line by line, but unless the developer company fixes whatever bugs or backdoors you find and report, what can you do? Even in Linux kernel there are some bugs which were found many years later.

As for myself, I have zero coding skills. That is why I trust companies which are doing regular audits and fixing the vulnerabilities quickly and provide transparency to their clients.

3 Likes

MALICE. This is what @pikacho talks about!

1 Like

Please, follow link I posted in post above

Where is guarantee there is no government backdoor? If something will happen in open source project there is nearly 100% possibility that community will notice that.

1 Like

Hehe thats good one :slight_smile:

Closed source != transparency In other words: the moment developer(s) close source code is the moment transparency ends.

1 Like

And which government can force such a thing? Let’s say some government agencies managed to pass the bill, or they are not ruled by democracy and working justice system, what can you do? They will do whatever they want, right? What can you do with a open-source software? They still have licenses, so you cannot modify and compile the code yourself. Only difference will be, you can see the government’s modification in the code, or someone else with coding skills can see it, and that is if that modification is made to public.

Maybe LavaBit sample? Or maybe CockLi (not good sample but let’s be)? They can found vulnerability before audit and force not to reveal it.

The good sample is Anom. It was closed source. So there is no guarantee that any closed source software is not under control right now. We can trust them but there is no proofs.

Make a patch, not update, view plenty of messages about situation, downgrade, Crete a fork or use someone else’s fork.