- cross-posted to:
- technology@lemmy.world
- linux@lemmy.world
- cross-posted to:
- technology@lemmy.world
- linux@lemmy.world
Bitwarden introduced a non-free dependency to their clients. The Bitwarden CTO tried to frame this as a bug but his explanation does not really make it any less concerning.
Perhaps it is time for alternative Bitwarden-compatible clients. An open source client that’s not based on Electron would be nice. Or move to something else entirely? Are there any other client-server open source password managers?
BitWarden already has lots of clients. There’s also VaultWarden for the server if you want.
This is being blown a bit out of proportion though. All they are saying is the official SDK may have some non-free components going forward. So what? It’s a private company, they can do what they want. Or the community can just fork it and move forward with a free one if they want, but it’s just not going to be in the official BitWarden clients. Hardly news or a big deal.
I can only speak for myself, but I would never trust opaque, proprietary software to manage my credentials, especially in a networked environment. For me, that’s a total showstopper.
I’ve never had need to use Bitwarden or Vaultwarden as I’ve always been happy with KeePass, but this news would definitely have me choosing an alternative.
I always found it weird for people to recommend BitWarden … it just FELT like a company that’ll go completely off track sooner or later. And it did. Oh wonder. KeePass ftw!
Let’s see how things evolve before declaring things like that.
Eh, there’s a completely independent reimplementation of the server, so I’d be surprised if the same doesn’t happen for the apps if there’s a real issue that comes up
Does it? I’d be very much interested to know. I’ve been looking for other clients before, because I didn’t like the sluggishness of the Electron client, but couldn’t find any usable clients at all. There are some projects on Github, none of which seemed to be in a usable state. Perhaps I have been missing something.
Nobody said that they can’t do that (although people rightfully questioned that their changes are indeed comatible with the GPLv3). I very much disagree that this isn’t a big deal, though.
I use Keyguard on my phone. Loving it so far. Mostly focused on Android but also available for all major platforms.
Keyguard is not open-source, only source-available.
Thanks, I haven’t seen that one before, but I’d really prefer an open source application.