this post was submitted on 14 Jul 2023
500 points (97.3% liked)

Asklemmy

43911 readers
1028 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 168 points 1 year ago (28 children)

Bitwarden is one I use several times a day. They do have a support plan for like $10 a year that gives a couple extra features like TOTP support, but the base level is incredibly robust. It’s open source, too. I know a lot of folks also host their own servers with Vaultwarden, but that’s a little beyond my skill level.

[–] [email protected] 31 points 1 year ago (11 children)

I pay for it just because it's cheap and to support them

[–] [email protected] 8 points 1 year ago (1 children)

I pay for it just because it's cheap and to support them

I did this too when it first came out, and then the product became robust enough that I recommended we implement it at work because secrets management was non-existent. We have a bunch of licenses on the Enterprise plan now and it just keeps getting better each update.

My only complaint is that migrating the data to a new server is a pain in the ass and never works correctly, even when following the migration instructions to the letter. Always have to open a ticket with them for that. Not enough of a pain to move to another product, though.

I also still pay for my personal plan. It really is a fantastic product.

[–] [email protected] 1 points 1 year ago (2 children)

Why not just let them host it?

[–] [email protected] 1 points 1 year ago (1 children)

Pretty uncommon to host company credentials via 3rd party as policy. It wouldn't even be legal under national law for my field of work for example.

[–] [email protected] 1 points 1 year ago

Obviously situations are different but the majority of standard businesses will let bitwarden host. In fact, I'd put more trust in bitwarden than than most self hosting teams.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Because we have some contracts that stipulate any data related to the project, including secrets/credentials, must remain on-site, and in some cases, on an air-gapped network. Doesn't make sense to spin up something else to manage those secrets when Bitwarden can do it all and satisfy the requirements of those contracts.

[–] [email protected] 2 points 1 year ago

Ahh figured it'd be something like that.

load more comments (9 replies)
load more comments (25 replies)