this post was submitted on 01 May 2024
515 points (98.0% liked)
Technology
59732 readers
2445 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
To those that are confused about this:
Bitwarden does indeed handle TOTP directly in the password manager, but only on paid accounts and only logged in.
This is a completely offline app, separate from your existing Bitwarden account, that is entirely free.
It might serve as an alternative to e.g Aegis to some.
Is there a good reason I don't know about to prefer this over Aegis?
I used to use Aegis, but after setting up my own vaultwarden, I use the normal bitwarden app/plugin on all my systems for passwords and TOTP.
The advantages are that I don't need my phone to login, the keys are synced and backuped in the encrypted vaultwarden database, which I can then handle with normal server backup tools. It still works offline, because bitwarden app caches the password.
This is IMO much more convenient and secure (in a way that loosing access to a device doesn't shut you out, and you don't need to trust third parties) then most other solutions.
I don't think it caches the password. Rather a decryption key is derived from your password and is used to unlock the encrypted blob.
What I meant is that is caches the password database for offline use.