635
Bitwarden New CEO has extensive M&A, Private equity experience, Removes Transparency from its Motto
(www.fastcompany.com)
this post was submitted on 15 May 2026
635 points (99.4% liked)
Technology
84668 readers
7063 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
KeePassXC is the best FOSS option, but you'll need to figure out self hosting if you want to sync the database between devices.
or use syncthing, no hosting experience required
I found the easiest way to sync is to use rclone. This way you can use any cloud provider like Google Drive or OneDrive or DropBox. First create the rclone remote for your cloud provider using
rclone config. Second step is to create a second remote using the encryption option (menu item 16), choosing an appropriate path<first remote>:<path to directory>. Upload your KeepassXC database to this encrypted remote usingrclone copy.On Android you can use the RoundSync app from F-droid to configure the the same remotes, then create a task to copy or sync from that encrypted remote and a trigger to run that task on a schedule. Overall, this one-time setup works really well for me. This is my backup in addition to using Bitwarden for several years. Bitwarden is not going to get my money any more.
As the database is encrypted in your device, you dont really need to self host. A keepass database in the Google cloud is not really problematic, although you should still choose a more private cloud provider.
Syncthing is probably a simple fix.
Assuming you have a degoogle'd phone. The syncthing-fork devs announced that they aren't going to certify for Google Play when that's made a requirement in a few months
https://f-droid.org/packages/com.chiller3.basicsync/
Ugh, I forgot about this. Aren't you still going to be able to install apps from third-party marketplaces? I thought the plan was just that the phone was going to hassle you and require multiple hoops.
Yes, that's the plan
I think other apps will require ADB to install
After initial wait period of 24 hours, which is intolerably dumb, you don't need ADB.
make sure to use post-quantum encryption algs
Which algs would that be? ed25519 okay? Is that even an encryption alg? I'm not too hot with encryption.
And you can use a keyfile separate from the database for even more security. If the database is backed up on Google Drive and the keyfile is saved on a USB or in a (non-Google) email somewhere for the rare times you add a new device, your passwords should be safe even from keyloggers or Google themselves.