Tuesday November 20, 2018
Thoughts & Ideas
It’s been nearly 2 years since I originally wrote about How I Manage Passwords with KeePass. That blog entry was inspired by Troy Hunt’s post, “The only secure password is one you can’t remember”. Using KeePass has been a wonderful experience, and I’m thoroughly convinced that everyone should be using a password manager. The ease and security that a password manager provides is way better than anything else you might be doing.
KeePass is a relatively old application. KeePass 1 was originally released for Windows XP in 2003, and KeePass 2 came out of beta in 2009. It shows - KeePass feels like a Windows application from the early 2000’s. (Its icons and toolbar are a bit dated.) Although the application itself is old, it’s still actively developed, and remains one of the most popular password managers. There are a large number of plugins available and because it’s open source, it’s pretty easy to find a KeePass-compatible application for any device or operating system.
Using “KeePass” as your password manager really entails using a combination of several different applications and services to work with a KeePass password database file. I used Dropbox to sync my password database between all my devices. I used Keepass2Android to read and store passwords from my phone. And I used KeePassXC on my Linux and macOS computers. (And if you’re using KeePass, I highly recommend all of these apps.) Although there are some browser plugins available for KeePass or KeePassXC, they always seemed finicky to me and I never found one I liked, so I stuck with the desktop application.
All in all, KeePass has widespread support for different platforms and plugins. It’s very mature and also very flexible. Although the number of applications and plugins available can be appealing, less technical users might find it confusing and difficult to set up.
Bitwarden is the new kid on the block, with version 1.0 released near the end of 2016. It was designed - from the beginning - to be used in a multi-device environment and sync passwords over the web, providing an open source solution that can compete with other web-based password managers. Although KeePass (and its derivatives) are open source, they aren’t web-based so they require additional services or plugins (like Dropbox) to make them sync across different devices. Bitwarden is an all-inclusive solution, providing a unified experience across every platform.
Bitwarden provides official desktop applications for Windows, Mac, and Linux; official phone apps for iOS and Android; and official browser plugins for Chrome, Firefox, and Safari (in addition to others). Because all the apps are officially supported by Bitwarden, there’s no need to find a 3rd-party application to support your device. And because Bitwarden has built-in support to synchronize your passwords over the web, there’s no need to set up additional cloud storage systems. Ultimately, this leads to a smoother user experience that’s also much easier to configure.
I’ve been using Bitwarden for almost a month now, and I’m really happy with it. I’m using the browser extension and the android app, and I love how seamless and effortless the experience is. Although my experience with KeePass was good, there were minor annoyances here and there - like trying to find the right plugin or fiddling with the browser extension. With Bitwarden, all that friction is gone. I think the biggest reasons to use KeePass have always been that it’s free (no cost) and open source, so the code can be reviewed for security. I think Bitwarden also meets those criteria, and provides a more modern password management solution with none of the drawbacks of KeePass. The simplicity of configuring Bitwarden is the nail in the coffin for me, and it was really easy to import my passwords.
|Stood the test of time.||Built for web sync.|
|Includes password generator.||Includes password generator.|
|Ported to every platform/OS imaginable.||Support for all major platforms.|
|Lots of plugins.||Seamless browser extension support.|
|Requires Dropbox to sync.||Easier to set up.|
|Harder for beginners to understand.||Seems more actively maintained.|
While I like KeePass, I think Bitwarden is great, and I’d encourage you to give it a try if you’re thinking about using a different password manager or trying one for the first time.
Disclaimer: I’m not affiliated with KeePass nor Bitwarden, and I wasn’t compensated in any way to promote one or the other. I just like writing about useful software.