I have been using Bitwarden for around 7~ years. Subscription for this long too, at 10USD p/year. I will be switching due to lack of transparency, and would love to hear others’ thoughts on this.

The linked article goes into further detail, but here is a small summary of the things that very much concern me / are sus:

  • That 10USD per year has gone up quietly. I just checked and I have no email telling me it’s increased. It renews in like 2 months, so this is good timing for me
  • Originally Bitwarden had values as a part of the acronym “GRIT”. Gratitude, Responsibility, Inclusion, and Transparency. They have changed the last two words to “Innovation, Trust”
  • There is now a new CEO, this was not announced and the only reason people outside of Bitwarden know is that someone saw this change on LinkedIn
  • The free tier momentarily disappeared from their product page for about a month (April 14-May 14). People were likely still able to make free accounts during this period. Bitwarden says it was a marketing mistake

The price hike is one thing, but for me the acronym change is most concerning, which is why I will be looking at another password manager (probably keepassxc)

  • RiQuY@lemmy.zip
    11 days ago

    I guess it’s time to move on, I’ll check PrivacyGuides for a better alternative while I compare by myself too.

    I’m not gonna allow a quiet price hike, this is scummy and anti-consumer.

    • Skeezix@lemmy.world
      11 days ago

      Bitwarden is undergoing enshittification in real time. It’s interesting to watch.

    • whatiswrongwithyou@lemmy.ml
      11 days ago

      The price hike was announced months ago iirc and brings bitwarden in line (still cheaper) with all the other services after being the same price over years and years of inflation.

      I got my eyes on em because of the vc money but the price hike isn’t out of line.

      • RiQuY@lemmy.zip
        11 days ago

        As a former subscriber since today, I didn’t get an email about it so it wasn’t announced enough imo.

      • Croquette@sh.itjust.works
        10 days ago

        VC money is the end of the product. The enshittification has started and will never stop.

        I am testing out Syncthing right now and will switch to an offline password manager

  • StumblingWasabi@lemmy.today
    12 days ago

    Yeah, I switched to KeePass for the same reason. The only way I trust software is if they’ll show me the code, and the only reason to replace “transparency” with “trust” IMHO is because they want to go closed source. Innovation also tends to just mean ‘we’re going to be charging you for features that used to be free’

      • StumblingWasabi@lemmy.today
        11 days ago

        Not really, just had to install KeePass on my computer and export my bitwarden passwords (BW makes that easy to do) and import them to KeePass. I haven’t set up the browser extension yet, as at a glance it says it doesn’t work with browsers installed with flatpak and that’s how I have LibreWolf installed. Setting up syncthing was also pretty straightforward.

        • Tekdeb@lemmy.zip
          11 days ago

          I tested this a few weeks ago, but one thing I struggled with was having custom fields imported. Don’t know if I somehow did something wrong, but while the export data had them as expected, KeePassXC just didn’t import it all? The standard Notes did get imported, but none of my custom fields.

        • ColeSloth@discuss.tchncs.de
          10 days ago

          Sweet. Thanks.

          I never use a browser extension for my pwm anyway. Just the pwm apk on my phone and that’s about it. Seems less likely for any shenanigans to happen that way.

  • mystic-macaroni@lemmy.ml
    12 days ago

    Out of a desire not to switch, I’m going to ask what I know to be a naive/dumb question: what’s the worst that can happen? It’s a mature gpl codebase

      • clb92@feddit.dk
        12 days ago

        Was LastPass open source to the same degree that Bitwarden is? It’s super easy to run your own Vaultwarden server already, and it shouldn’t be a problem for the community to fork and maintain unofficial clients either. Doesn’t seem like there’s much Bitwarden as a company could do about that, even if they wanted to.

        • BakedCatboy@lemmy.ml
          12 days ago

          I’m surprised that nobody has (meaningfully) forked the clients yet, it seems like all the warning signs are there

            • BakedCatboy@lemmy.ml
              11 days ago

              Yeah for sure, I’m just thinking that it can be a little rocky to get governance and contribution processes set up, sometimes those last minute forks flop because the person who decided to advertise their fork ends up being ill equipped to handle running the project. If we can get a libre warden client project working before hand then it’ll make the process a lot more seamless when issues with bitwarden arise.

  • RainbowBlite@piefed.ca
    12 days ago

    The price is still reasonable for me. I don’t want to switch services because they might enshittify someday.

  • Allero@lemmy.today
    12 days ago

    If you or someone you trust happen to have a home server, just install Vaultwarden, which is the community fork of Bitwarden without any fees, shady stuff or reliance on Bitwarden infrastructure.

    • zebidiah@lemmy.ca
      12 days ago

      If you look real close side by side there is a subtle difference…

      Suuuper easy to stand up, took me about 20 minutes to get it up and running

      • trilobite@lemmy.ml
        11 days ago

        Well, when u say supereasy to set up, i don’t know. The need for reverse proxy was driving me nuts. For someone that doesn’t expose anything to the outside world, the need for a reverse proxy is overkill in my opinion. But i did give up fairly easily, so i’ll have another go in the future when i have time. For now my Syncthing + Keepass setup will have to do but i do find it’s not 100% robust. If i have keepass open on both mobile and laptop, i’m at risk of losing changes. If the change is made on one device and i close after change, i won’t see the change until i close keepass on the other device. But by then syncthing thinks that the latter is the most recent change and marks the file of first device as conflict file. So the change is not lost but it’s not in the most “recent” version of the database.

        • Jason2357@lemmy.ca
          10 days ago

          If you have several, it really is convenient to set up an internal reverse proxy for all your internal-only services. One place to set up let’s encrypt and set up subdomains or different paths for the different services. No need for URLs with different port numbers or IP addresses.

    • KairuByte@lemmy.dbzer0.com
      10 days ago

      I know this option exists, but honestly I don’t think I have reliable enough infrastructure. It’s hardly ever offline, but my backup game is super weak, and I have had to rebuild from scratch once in the past three years.

      What happens if I fuck up again and have to rebuild? Just feels like a massive potential failure point.

      • Auli@lemmy.ca
        10 days ago

        Your backup is all your clients. Every client has a blob. If you lose it, export and then import. That is if everything else fails.

      • Allero@lemmy.today
        10 days ago

        Bitwarden app is fully compatible with Vaultwarden and stores copies of all your passwords for offline access, so as long as you have access to the app somewhere, you’ll have them.

        Also, Bitwarden can export your passwords as a file in several formats, readable by Bitwarden, KeePassXC etc. You can have that stored somewhere safe.

  • gemakey@lemmy.world
    11 days ago

    You’re quitting over some words? All this questionable shit and you’re quitting cause they changed an acronym? Sheesh…

    • liverstealer@lemmy.zip (OP)
      11 days ago

      It’s true - apart from the price hike, nothing really has happened. And yet I ask you, which are you more comfortable with:

      • A company with closed communication that still asks to be trusted at the end
      • A company having open, transparent communication
    • Willy@sh.itjust.works
      10 days ago

      Have you gotten it to fill out credit card stuff right? I can’t figure out what’s up with that.

    • RamSwamson@lemmy.sdf.org
      11 days ago

      Well that would make sense. I was actually going to switch to bitwarden back in May after keepassxc decided to corrupt my entire database along with the backup. I had to begin the lengthy process of resetting every single password I have, I was pretty furious and never wanted to touch keepassxc again. But when I went to bitwarden’s website I noticed only paid options, so I decided to continue researching alternatives.

  • Fmstrat@lemmy.world
    11 days ago

    I will continue to self-host Vaultwarden and use the Bitwarden clients until I feel the clients are not trustworthy or they are forked.

  • atrielienz@lemmy.world
    11 days ago

    This is the email I received at the beginning of the year when there were multiple articles about the price increase.

    I think it’s important to note that you may have missed or deleted the email, or it potentially could have gone to your junk folder, but they did send out emails letting people know.

    • Buckshot@programming.dev
      11 days ago

      I got the same email with 25% discount for this year. Can’t argue with lack of transparency on that and it’s a bit unreasonable to expect no price increases ever

      • atrielienz@lemmy.world
        11 days ago

        Yeah. If you’re using the services that might require a paid subscription, it’s not out of the realm of possibilities for there to be a price increase eventually.

        I’m not discounting that there’s the potential for a pivot to less transparency and auditability going forward, I just wanted to point out that this wasn’t done with no warning.

        I don’t trust the company that bought them. Private equity is almost always a bad time for consumers/users.

    • kazerniel@lemmy.world
      8 days ago

      I don’t think I received one of these. Only heard about the price increase on Lemmy before I was invoiced with the increased sum.

      • atrielienz@lemmy.world
        8 days ago

        Yeah. I obviously can’t be positive that they didn’t mess up, but I got an email about the price increase so it was more of a “for the record” rather than a “you’re a liar” comment. I don’t work for Bitwarden so I can’t say they didn’t miss a bunch of customers or something like that when they notified people.

    • liverstealer@lemmy.zip (OP)
      12 days ago

      That’s cool I haven’t heard of that one. I personally will be avoiding Enterprise products from now on since Bitwarden

        • qualia@lemmy.world
          12 days ago

          Just FYI there’s two KeePassDX versions in FDroid: the square key and the round key logos. The round key is the Libre one you want, whereas the square one is aka the Google Play version. IzzyOnDroid mirrors the square one and it shouldn’t.

          • Ghoelian@piefed.social
            12 days ago

            Are you sure it’s not the square key one you want? I just checked and that one is available from both Izzy and f-droid itself, whereas the round version is only available from Izzy (though that one has foss in the name and the other doesn’t)

            • xploit@lemmy.world
              12 days ago

              The repo does mention “free” and “libre” apks and it would appear the only one available on Fdroid (as far as I can tell?) is the libre version.

              Edit: I mention it because the official website has round logo, but this version doesn’t so not sure that’s a good indicator