I have been using Bitwarden for around 7~ years. Subscription for this long too, at 10USD p/year. I will be switching due to lack of transparency, and would love to hear others thoughts on this.

The linked article goes into further detail, but here is a small summary that very much concern me / are sus:

  • that 10USD per year has gone up quietly . I just checked and I have no email telling me it’s increased. It renews in like 2 months, so this is good timing for me
  • Originally Bitwarden had values as apart of the acronym “GRIT”. Gratitude, Responsibility, Inclusion, and Transparency. They have changed the last two words to “Innovation, Trust”
  • There is now a new CEO, this was not announced and the only reason people outside of Bitwarden know is that someone saw this change on LinkedIn
  • The free tier momentarily disappeared from their product page for about a month (april14-may14). People were likely still able to make free accounts during this period. Bitwarden says it was a marketing mistake

The price hike is one thing, but for me the acronym change is most concerning, which is why I will be looking at another password manger (probably keepassxc)

  • Avenging5@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    23 days ago

    if you’re into self-hosting i’ve been using vaultwarden for a while now. it’s an open-source implementation of the Bitwarden server

  • overload@sopuli.xyz
    link
    fedilink
    arrow-up
    0
    ·
    25 days ago

    Disappointing, but I’m still going to be running the free tier of Bitwarden for the time being. Thanks for the heads up.

    • nfreak@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      22 days ago

      Since we still need to use the official clients with Vaultwarden, I’d say time is running short, even if these changes don’t directly affect it yet. Definitely need some FOSS alternative clients for it.

    • foremanguy@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      23 days ago

      Even if it doesn’t affect it directly Vaultwarden is strongly linked to Bitwarden, for example I think you’re using official clients on your devices, Vaultwarden is not self sustainable (for now)

    • Jason2357@lemmy.ca
      link
      fedilink
      arrow-up
      0
      ·
      23 days ago

      None of the above effects vaultwarden (how could it?), but it does raise concerns about long term FLOSS-friendlyness. I got bit by the sudden price increase earlier this year and decided that is the 1 year warning to migrate to either self hosted vaultwarden or something else. I move slow, so need some time anyway.

  • mystic-macaroni@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    25 days ago

    Out of a desire not to switch, I’m going to ask what I know to be a naive/dumb question: what’s the worst that can happen? It’s a mature gpl codebase

      • clb92@feddit.dk
        link
        fedilink
        English
        arrow-up
        0
        ·
        25 days ago

        Was LastPass open source to the same degree that Bitwarden is? It’s super easy to run your own Vaultwarden server already, and it shouldn’t be a problem for the community to fork and maintain unofficial clients either. Doesn’t seem like there’s much Bitwarden as a company could do about that, even if they wanted to.

        • BakedCatboy@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          25 days ago

          I’m surprised that nobody has (meaningfully) forked the clients yet, it seems like all the warning signs are there

            • BakedCatboy@lemmy.ml
              link
              fedilink
              English
              arrow-up
              0
              ·
              25 days ago

              Yeah for sure, I’m just thinking that it can be a little rocky to get governance and contribution processes set up, sometimes those last minute forks flop because the person who decided to advertise their fork ends up being ill equipped to handle running the project. If we can get a libre warden client project working before hand then it’ll make the process a lot more seamless when issues with bitwarden arise.

  • kittenroar@beehaw.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    24 days ago

    Bitwarden was taken over by private equity just before these changes btw

    price almost doubled; it’s $19.80 a year now. Still cheaper than 1pass or lastpass, which are $3/month. I don’t think they would increase to that much, because 1pass is objectively better.

    • Willy@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      23 days ago

      Have you gotten it to fill out credit card stuff right? I can’t figure out what’s up with that.

  • Allero@lemmy.today
    link
    fedilink
    arrow-up
    0
    ·
    25 days ago

    If you or someone you trust happen to have a home server, just install Vaultwarden, which is the community fork of Bitwarden without any fees, shady stuff or reliance on Bitwarden infrastructure.

    • zebidiah@lemmy.ca
      link
      fedilink
      arrow-up
      0
      ·
      25 days ago

      If you look real close side by side there is a subtle difference…

      Suuuper easy to stand up, took me about 20 minutes to get it up and running

      • trilobite@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        24 days ago

        Well, when u say supereasy to set up, i don’t know. The need for reverse proxy was driving me nuts. For someone that doesn’t expose anything to the outside world, the need for a reverse proxy is overkill in my opinion. But i did hive up fairly easily, so i’ll have another go in the future when i have time. For now my Syncthing + Keepass setup will have to do but i do find its not 100% robust. If i have keepass open on both mobile and laptop, i’m at risk of loosing changes. If the change is made on one device and i close after change, i won’t see the change until i close keepass on the other device. But by then syncthing thinks that the latter is the most recent change and marks the file of first device as conflict file. So the chsnge is not lost but its not in the most “recent” version of the database.

        • Jason2357@lemmy.ca
          link
          fedilink
          arrow-up
          0
          ·
          23 days ago

          If you have several, it really is convenient to set up an internal reverse proxy for all your internal-only services. One place to set up let’s encrypt and set up subdomains or different paths for the different services. No need for URLs with different port numbers or IP addresses.

        • kazerniel@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          21 days ago

          Yeah this is why I don’t want to bother self-hosting. There are just too many ways to fuck it up. I’d rather pay a small fee for professionals to handle it for me 🤷 If Bitwarden goes to shit, I can always move to something else - I never heard of a password manager that didn’t let us export passwords.

    • KairuByte@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      0
      ·
      23 days ago

      I know this options exists, but honestly I don’t think I have reliable enough infrastructure. It’s hardly ever offline, but my backup game is super weak, and I have had to rebuild from scratch once in the past three years.

      What happens if I fuck up again and have to rebuild? Just feels like a massive potential failure point.

      • Allero@lemmy.today
        link
        fedilink
        arrow-up
        0
        ·
        23 days ago

        Bitwarden app is fully compatible with Vaultwarden and stores copies of all your passwords for offline access, so as long as you have access to the app somewhere, you’ll have them.

        Also, Bitwarden can export your passwords as a file in several formats, readable by Bitwarden, KeePassXC etc. You can have that stored somewhere safe.

      • Auli@lemmy.ca
        link
        fedilink
        English
        arrow-up
        0
        ·
        23 days ago

        Your backup is all your clients. Every client has a blob. If you loose it export and then import. That is if everything else fails.

  • BrilliantBadger@piefed.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    25 days ago

    Migrated to Keepass shortly before the price increase ( not because of it) just for the reason of wanting my vault fully offline. Seeing these changes at BW still makes me sad, was a long time paying user & truly enjoyed it

    Keepass is fantastiic, my vault is pretty static so just manually copy to other device as needed. And of course, have your full backup plan in place as with all things

  • gemakey@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    24 days ago

    You’re quitting over some words? All this questionable shit and you’re quitting cause they changed an acronym? Sheesh…

    • liverstealer@lemmy.zipOP
      link
      fedilink
      arrow-up
      0
      ·
      24 days ago

      It’s true - apart from the price hike, Nothing really has happened. And yet I ask you, which are you more comfortable with:

      • A company with closed communication, and still asks to be trusted at the end
      • A company having open, transparent communication
  • RainbowBlite@piefed.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    25 days ago

    The price is still reasonable for me. I don’t want to switch services because they might enshitrify someday.

    • RamSwamson@lemmy.sdf.org
      link
      fedilink
      arrow-up
      0
      ·
      24 days ago

      Well that would make sense. I was actually going to switch to bitwarden back in May after keepassxc decided to corrupt my entire database along with the backup. I had to begin the lengthy process of resetting every single password I have, I was pretty furious and never wanted to touch keepassxc again. But when I went to bitwarden’s website I noticed only paid options, so I decided to continue researching alternatives.