Too many passwords? Use a password manager, KeePass vs. Bitwarden
If you have too many passwords, it is hard to remember them all. Here is a comparison of the two best open-source password managers, KeePass and Bitwarden: how to use them, and their pros and cons.
The best password is the one you can’t remember
You shouldn’t use the same password for multiple accounts, experts say. Feasible? Maybe, if you have a good memory. They also suggest creating complex passwords made up of lowercase and uppercase letters, as well as numbers and special characters. Let’s be honest, which of us is able to remember dozens of y%e#Ykb*o2S5^5:6vx+@-like passwords?
Of course, it’s easier to remember simple things like my-cat-name-123 or my-date-of-birth, and maybe jot down the complicated ones on a post-it attached to the monitor 😉
On the other hand, something has to be done to improve our security. We have to defend ourselves from the violations of our digital identities and the theft of personal data/assets perpetrated every day. Impossible mission? No, it can be done with relative ease. It has to be done.
Thanks to a password manager, you have to remember only one “master password” and let the tool do the hardest part of the job for you, which is to generate and keep safe all your passwords. The best options are KeePass and Bitwarden because both are free, open-source and cross-platform. Either way, you can access your passwords through any device and wherever you are.
Open source guarantees transparency about how software works, because the source code is publicly available and can be analyzed. This is even more important when it comes to tools for managing your sensitive data, as is the case with KeePass and Bitwarden. Let’s see how they work, what differences there are, and which one is best suited to your needs.
KeePass, flexible and ultra-secure
Appearances can be deceiving sometimes, and this is also the case with KeePass and its somewhat “aged software” appearance. Although not the latest, the interface is clear and functional.
Although it has not undergone substantial graphic restyling since 2003, it has been constantly updated. There are many forks around, but the original version is still the one preferred by those who do not accept compromises and require very high safety standards.
The original version of KeePass does not natively support the cloud, so it allows data to be saved only on a local memory drive (hard disk, SSD, pen drive etc.). You can overcome this limit by choosing to save the .kdbx archive in a folder synchronized with any cloud service such as Nextcloud (suggested), Dropbox, Google Drive etc. This way, you have the advantage of having a backup copy of your data, and you can access it with all your devices connected to the same cloud account.
KeePass uses the established AES-256 standard to encrypt your valuable information. In some circumstances, sensitive data is more exposed to hacking, for example when you have to enter a password in your browser while logging in to a website. In these cases, the “autotype” function comes in handy, replacing the classic and potentially dangerous copy and paste.
Kee Vault was born around the KeePass autotype, invulnerable to common keyloggers. It is an integration tool between KeePass and browsers to simplify and securely automate access to your accounts without relying on the browser’s native password managers, often threatened by hacking attempts. Free extensions are available for Firefox and for Chrome.
Kee Vault is not the only complementary tool. The KeePass ecosystem is a proper security suite made up of dozens of plugins and extensions that enrich its functionality by extending the possibilities of use to all major operating systems. The supporting community is very active and helpful.
All free? Yes, the project is based on passion and donations. So if your choice falls on KeePass, consider thanking the development team and making a donation to express your gratitude and support the growth of this splendid software.
Bitwarden, simple and convenient
Things with Bitwarden work very differently, starting from the interface, which is much more modern and user-friendly.
The use of Bitwarden is also congenial to those who have no experience with archives or spreadsheets of a certain complexity. Unlike KeePass, you can only use the built-in features. There is no possibility of using extensions and plugins. Don’t worry, bread and butter is there, including Two-factor Authentication (2FA) and perfect integration with all major browsers and platforms.
The most important structural difference is that Bitwarden, unlike KeePass, automatically stores data on the cloud (Microsoft’s Azure servers) after having encrypted them locally. This is to allow the user to access their data through multiple devices. Whether and how much this feature makes Bitwarden less secure than KeePass has often been a topic of discussion. What is certain is that the server component adds a potential attack surface for hackers, but this applies to all software.
Bitwarden uses AES-CBC 256-bit for encryption and PBKDF2 SHA-256 for key derivation, both safe and officially never violated, as is the AES-256 adopted by KeePass. You can host Bitwarden on your own server.
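The local-encryption step described above, sketched as an added example (not from the original article and not Bitwarden's or KeePass's code): a key is derived from the master password with PBKDF2 SHA-256 and the item is encrypted with AES-CBC 256-bit before anything would leave the device. The iteration count, the salt, the key-separation labels, the HMAC integrity check and all sample values are assumptions of this sketch.

```javascript
// Added illustration only; names and parameters here are hypothetical.
const crypto = require('crypto');

const ITERATIONS = 600000; // assumed work factor; raise it as hardware allows

// Stretch the master password with PBKDF2-SHA256, then split the result
// into independent encryption and MAC keys.
function deriveKeys(masterPassword, salt) {
  const master = crypto.pbkdf2Sync(masterPassword, salt, ITERATIONS, 32, 'sha256');
  const sub = (label) => crypto.createHmac('sha256', master).update(label).digest();
  return { encKey: sub('enc'), macKey: sub('mac') };
}

// Encrypt one vault item locally; only this blob would be synchronized.
function encryptItem(plaintext, keys) {
  const iv = crypto.randomBytes(16); // fresh random IV for every item
  const cipher = crypto.createCipheriv('aes-256-cbc', keys.encKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // CBC alone does not detect tampering, so authenticate IV + ciphertext.
  const mac = crypto.createHmac('sha256', keys.macKey).update(iv).update(ct).digest();
  return { iv, ct, mac };
}

// Check the MAC before decrypting; a wrong password or modified data throws.
function decryptItem(blob, keys) {
  const expected = crypto.createHmac('sha256', keys.macKey)
    .update(blob.iv).update(blob.ct).digest();
  if (!crypto.timingSafeEqual(expected, blob.mac)) {
    throw new Error('MAC check failed: wrong key or modified data');
  }
  const decipher = crypto.createDecipheriv('aes-256-cbc', keys.encKey, blob.iv);
  return Buffer.concat([decipher.update(blob.ct), decipher.final()]).toString('utf8');
}

// Constructed sample values: what a sync server would see for one item.
function demo() {
  const keys = deriveKeys('constructed master password', 'user@example.test');
  const blob = encryptItem('site-password-constructed', keys);
  return { stored: blob.ct.toString('hex'), roundTrip: decryptItem(blob, keys) };
}

console.log(demo());
```

The server side only ever holds `iv`, `ct` and `mac`; without the master password the keys cannot be rebuilt, which is why the strength of that one password matters so much.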
Although Bitwarden is developed by a small company, it must be said that the support is very good, the documentation is exhaustive, and the community forum is responsive and welcoming. The free version of the service can meet the needs of many users, but the paid features are certainly tempting for those who work in a team. As with KeePass, it is worth supporting the project, here by subscribing to a paid plan, to help the development of a project that has the great merit of bringing many newbies closer to good safety practices.
Use a password manager, whatever it is. As you may have guessed, there is no best option for everyone. KeePass offers a paranoid level of security, expandability, and the guarantee of a long history behind it. On its side, Bitwarden has a remarkable simplicity of use and can be considered an all-inclusive solution suitable for average users. Make your choice based on your personal needs and preferences, perhaps after trying both.
You’ve come to read this far, so you deserve some “special” advice. In addition to usernames, passwords, PINs and the like, you can keep safe all kinds of sensitive data in a password manager. You can store images, PDFs, audio files, text notes, private keys of your cryptocurrencies (read our article about them) and anything you want to protect from prying eyes. If you think you have no secrets… think again and start using a password manager today.