Re: [gentoo-user] Moving from Lastpass to Bitwarden
Rich Freeman wrote: > On Wed, Feb 17, 2021 at 3:01 AM Dale wrote: >> I suspect a lot of users are going to be moving from Lastpass because of >> this change. If their service was far better then people may pay it. >> Thing is, it isn't. As was pointed out in a couple things I read, they >> have been hacked in the past. What was taken was encrypted but still, >> they got hacked. > So, while I echo most of the sentiments in this thread already so I > won't repeat them, I do try to be careful about how I look at past > reports of hacks. > > Important considerations are: > 1. Why were they hacked? > 2. What did they do when they were hacked? > 3. What were the consequences? > 4. What is likely to happen in the future? > > When it comes to security the future is much more important than the > past. We look at the past as a predictor of the future. However, you > have to always keep this in mind. > > One thing I admire about Lastpass is that when they were hacked, they > immediately went public with it, disclosing at all times what was > known and explaining the impact to customers as best as they > understood it. They took steps to get users to change passwords/etc > which would protect them if the encrypted data was cracked in the > future. The way they handled the incident definitely made their > customers safer. > > Likewise as best as anybody can tell the consequences of the breach > were very limited. They ensured that customer vaults had solid > encryption, which gave them defense in depth - the breach of the > encrypted data wasn't able to be leveraged into a breach of the > unencrypted password data inside. > > These should both be seen as factors in their favor, and it is the > sort of thing that you can't really see until somebody is actually > hacked. > > I think one of the more concerning issues for their future was the > change in management when logmein bought them. I think people had > concerns about the new management. > > I definitely like that bitwarden is FOSS. One concern with ANY of > these web-based tools is that while they may very well be securely > implemented, the fact is that the actual code is remotely managed. At > any time somebody who obtains control over their infra could push out > updates that cause your client to compromise your data in a number of > ways. This requires more sustained control than just a quick snatch > of the encrypted cloud password store, but it is definitely a risk, > whether the code is FOSS or not. After all, Gentoo is FOSS, but if > somebody was able to gain control over the repositories/keys/etc they > could push literally anything in an update to your system, and unless > you're looking very carefully at your ebuilds you could have arbitrary > code running as root in no time. Obviously that is something infra > and the portage design tries to make unlikely, but it is definitely a > threat model really for any software distribution of any kind. The > automated nature of updates to these cloud-based password managers > makes these sorts of attacks potentially easier to pull off (though > I'd they would have resources dedicated to detecting a compromise like > this and mitigating it). > I was actually using Lastpass when the hack happen. I even mentioned earlier that while they were hacked, the hackers didn't gain anything because what they got was encrypted. Still, they are closed source. If their code was open source then it could be that the hack would not have happened since someone would have spotted the hole the hackers used. Who knows if there is another hole that hasn't been discovered yet. I didn't know about Lastpass being bought so this explains why the change is likely happening. After all, the new owners had to spend money to buy Lastpass and one way to get it back is to make more people pay or raise prices on the ones that already pay, or both. I've already switched. The export and import was easy enough. While the GUI looks different, it seems to do the same things. It's early yet but so far, it works well enough. I suspect we are not alone in this switch. Others may switch to something besides Bitwarden but I bet Lastpass is losing a lot of users. Dale :-) :-)
Re: [gentoo-user] Gentoo system suddenly failed to boot.
On Wednesday, 17 February 2021 21:45:35 GMT gevisz wrote: > Most probably, both my SATA disks have connection problems as > Oli Schmidt suggested from the very beginning, and because they > both have it, it points to the motherboard that already had quite > a bad track record. > > Unfortunately, I cannot diagnose it further, but later will try > to experiment with attaching my SATA drives again. It may be worth mentioning I've experience similar problems with an old MoBo, different to yours. Eventually I narrowed it down to a loose SATA connector on the MoBo. It would either fail completely to boot, or it would boot but the disk would make a clicking noise. I initially suspected a dying disk, but after I reseated the cable on the MoBo the problem went away, for a while, until I reseated it once more. :-) The ATA disk would boot normally (IDE controller). Anyway, just make sure you have enable AHCI instead of IDE type controller on your BIOS menu for the SATA disk and have configured the Gentoo kernel appropriately to include AHCI. signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Gentoo system suddenly failed to boot.
ср, 17 февр. 2021 г. в 13:58, gevisz : > > ср, 17 февр. 2021 г. в 13:50, gevisz : > > > > ср, 17 февр. 2021 г. в 04:54, Edward : > > > > > > On 2/15/21 9:53 AM, gevisz wrote: > > > > Yesterday, my relatively new install of Gentoo failed to boot with the > > > > following repeated messages: > > > > > > > > ata5.04: SATA link down (SStatus 0 SControl 0) > > > > ata5.04: hard resetting link > > > > ata5.04: failed to resume link (SStatus 0 Scontrol 0) > > > > > > > > My first thought was that something is wrong with my old IDE (ATA) > > > > drive. (The Gentoo system partition was on /dev/sda5.) > > > > > > What motherboard model is this? > > > > It is a good question. My motherboard is Gigabyte Ultra Durable > > GA-MA790FXT-UD5P > > and I had problems with it from the very beginning in the sense that it is > > quite often doesn't see my SATA disks on the first boot (though, on the > > second > > reboot it usually finds them). It is also quite often that it stops booting > > the legacy operating system and automatically reboots before showing > > a login screen. > > > > I bought it somewhere in 2006 together with a Gigabyte S-series > > GA-MA69GM-S2H > > motherboard, which I have been intensively using every day since then and > > never > > had any problem. > > > > In contrast, the Ultra Durable one has been used very rarely and for > > quite short periods of time. > > So, I do not expect it to wear off by now. > > > > > Probably BIOS disk controller setting needs to be set to either SATA AHCI > > > or something else? > > > > Well, I will look into but the problem is that it worked previously > > with the same BIOS settings. > > > > Below is an account of what I have done so far. > > > > First of all, I copied the system partition from my ATA to the SATA > > drive, updated the system, > > recompiled @system, openrc and gentoo-kernel, which unfortunately had > > no effect on the booting problem. > > > > At this stage, I started to seriously consider the suggestions above > > that it may be a hardware problem. > > > > So, I returned to the initial ATA system partition, updated the system > > there, switched off swap (in fstab), > > reinstalled grub on this disk and tried to boot from it. To my great > > surprise it failed to boot again > > complaining about links to two my SATA drives that it was not supposed > > to use at all! > > Correction: > Of course, in this case, I have not reinstalled gentoo-kernel. > So, it may be that the links to my SATA drives are still in > the initramfs that was created before. (The swap was one of my > SATA drives.) > > However, I used another SATA drive to try the system from there > (with swap on it) with the same failure to boot. > > > And the legacy operating system has absolutely no problem starting > > from the ATA drive now. > > P.S. Currently, I am going to remove my SATA disks from the system and > try to reboot it once again. If it will not help, I am going to recompile > gentoo-kernel on the only remaining ATA disk. (And, if that will not help, > I will look for the hammer. :) So, I have removed both my SATA disks and tried to reboot: the system stalled without any error message at all. After that I installed gentookernel and re-created initramfs image (the previous one was created by the gentoo-kernel package before the removal of the SATA disks). After that, my Gentoo system successfully rebooted from the only (ATA) disk that remained. So, the problem is partially solved. However, I still do not understand the exact reason for it to appear. Most probably, both my SATA disks have connection problems as Oli Schmidt suggested from the very beginning, and because they both have it, it points to the motherboard that already had quite a bad track record. Unfortunately, I cannot diagnose it further, but later will try to experiment with attaching my SATA drives again. Also, I am going to test voltage outputs of my Enermax power supply unit when I will have such a possibility. It is quite old but was not used intensively. The other one, Thermaltake, is even older, was intensively used everyday, and still had no problems. (Both were bought with a big margin with respect to my computer's power demand). Thanks to all who replied to this thread.
Re: [gentoo-user] Moving from Lastpass to Bitwarden
On Wed, Feb 17, 2021 at 3:01 AM Dale wrote: > > I suspect a lot of users are going to be moving from Lastpass because of > this change. If their service was far better then people may pay it. > Thing is, it isn't. As was pointed out in a couple things I read, they > have been hacked in the past. What was taken was encrypted but still, > they got hacked. So, while I echo most of the sentiments in this thread already so I won't repeat them, I do try to be careful about how I look at past reports of hacks. Important considerations are: 1. Why were they hacked? 2. What did they do when they were hacked? 3. What were the consequences? 4. What is likely to happen in the future? When it comes to security the future is much more important than the past. We look at the past as a predictor of the future. However, you have to always keep this in mind. One thing I admire about Lastpass is that when they were hacked, they immediately went public with it, disclosing at all times what was known and explaining the impact to customers as best as they understood it. They took steps to get users to change passwords/etc which would protect them if the encrypted data was cracked in the future. The way they handled the incident definitely made their customers safer. Likewise as best as anybody can tell the consequences of the breach were very limited. They ensured that customer vaults had solid encryption, which gave them defense in depth - the breach of the encrypted data wasn't able to be leveraged into a breach of the unencrypted password data inside. These should both be seen as factors in their favor, and it is the sort of thing that you can't really see until somebody is actually hacked. I think one of the more concerning issues for their future was the change in management when logmein bought them. I think people had concerns about the new management. I definitely like that bitwarden is FOSS. One concern with ANY of these web-based tools is that while they may very well be securely implemented, the fact is that the actual code is remotely managed. At any time somebody who obtains control over their infra could push out updates that cause your client to compromise your data in a number of ways. This requires more sustained control than just a quick snatch of the encrypted cloud password store, but it is definitely a risk, whether the code is FOSS or not. After all, Gentoo is FOSS, but if somebody was able to gain control over the repositories/keys/etc they could push literally anything in an update to your system, and unless you're looking very carefully at your ebuilds you could have arbitrary code running as root in no time. Obviously that is something infra and the portage design tries to make unlikely, but it is definitely a threat model really for any software distribution of any kind. The automated nature of updates to these cloud-based password managers makes these sorts of attacks potentially easier to pull off (though I'd they would have resources dedicated to detecting a compromise like this and mitigating it). -- Rich
[gentoo-user] Re: Moving from Lastpass to Bitwarden
On 2021-02-17, Dale wrote: > Lastpass is forcing people to use only one device type or pay a fee. > [...] > Anyone have info on switching from Lastpass to Bitwarden? Thoughts? After doing a bit of reading, I've decided that I'm switching from Lastpass to Bitwarden. I've been happy with Lastpass for several years, and even got decent e-mail support when I had questions about the command line utility. So, I considered giving them some money, but they wanted $36 per year for Premium (that seemed expensive), and I had no use for anything that $36 got me. I've read postings from several people who have exported their passwords from Lastpass and then imported them to Bitwarden with no problems, I'll give that a go sometime in the next couple weeks. I may even give Bitwarden $10. That seems like a more reasonable price, and it actually gets me something I can use: encrypted online file storage. -- Grant
Re: [gentoo-user] why both /usr/lib and /usr/lib64 on a 64bit system?
On Tue, Feb 16, 2021 at 10:57 AM Valmor F. de Almeida wrote: > > USE="elogind alsa -multilib -multiarch -abi_x86_32" > > maybe I should have used this in package.use/nvidia-drivers > instead globally. Setting abi_x86_32 globally isn't really a big problem. I wouldn't go messing with multilib/multiarch unless you really know what you're doing. I suspect at some point having these modified globally is going to cause serious breakage. -- Rich
Re: [gentoo-user] Gentoo system suddenly failed to boot.
On 17/02/2021 11:50, gevisz wrote: It is a good question. My motherboard is Gigabyte Ultra Durable GA-MA790FXT-UD5P and I had problems with it from the very beginning in the sense that it is quite often doesn't see my SATA disks on the first boot (though, on the second reboot it usually finds them). It is also quite often that it stops booting the legacy operating system and automatically reboots before showing a login screen. Sounds a bit like the mobo on my current main system - a GA-785GMT-UD2H. Not sure how old it is - it has an Athlon X-III and DDR3 ram, but it keeps on forgetting its settings at boot (resetting to default), and I gave up updating gentoo, because when I retired my Athlon Thunderbird system, I could no longer get the updates to run without crashing. It's crazy - I used to cross-compile on the Thunderbird, just to get it to build successfully!!! I've now got a new system to replace it, but that's still a project... Cheers, Wol
Re: [gentoo-user] Moving from Lastpass to Bitwarden
Neil Bothwick wrote: > On Wed, 17 Feb 2021 06:15:52 -0600, Dale wrote: > >> I suspect the reason you didn't get the notice, it won't affect you >> since you are already a paying user. While they may get some users to >> pay with this new setup, I bet they lose a lot more than they gain, user >> wise. > Maybe, but many people haven't heard of Bitwarden and will think they > have no option but to pay. > > I was never keen on the idea of giving all my passwords to someoelse, > even if they say they can't access them. I've been using Bitwarden for > about a year, I used KeePassX before then and am really happy with it. > > I simply googled for 'alternatives to Lastpass' and Bitwarden was one of a few that came up. Several links were articles comparing the two. If a person doesn't like what Lastpass is doing, it won't take much to find other password managers. They may pick something besides Bitwarden but still, they have the option of switching. I logged into my credit card on my cell phone, about the only thing I use on my cell phone anyway, it worked OK once I figured out how to get it to fill the info in. I might add, Lastpass has issues with that site as well. If I didn't know better, I'd think the website tries to prevent people from using a password manager. In a way, it is sort of stupid to do that since people reused passwords a lot before password managers came along. Heck, even I used the same password for financial type sites for a long time. Once I started using Lastpass, I used different passwords and even different lengths of passwords based on the site. It's a lot more secure as long as the master password is a good one. I had a really simple password for some sites that a hacker would most likely die from laughter than anything else if they wanted to hack it. LOL Good to know others like Bitwarden tho. That helps. Dale :-) :-)
Re: [gentoo-user] Moving from Lastpass to Bitwarden
On Wed, 17 Feb 2021 06:15:52 -0600, Dale wrote: > I suspect the reason you didn't get the notice, it won't affect you > since you are already a paying user. While they may get some users to > pay with this new setup, I bet they lose a lot more than they gain, user > wise. Maybe, but many people haven't heard of Bitwarden and will think they have no option but to pay. I was never keen on the idea of giving all my passwords to someoelse, even if they say they can't access them. I've been using Bitwarden for about a year, I used KeePassX before then and am really happy with it. -- Neil Bothwick / For security reasons, all text in this mail is double-rot13 encrypted. / pgpgNlRQzC88a.pgp Description: OpenPGP digital signature
Re: [gentoo-user] Moving from Lastpass to Bitwarden
John Covici wrote: > On Tue, 16 Feb 2021 19:04:01 -0500, > Dale wrote: >> Howdy, >> >> Lastpass is forcing people to use only one device type or pay a fee. >> I've used the free version of Lastpass for years and it works well for >> me. I use it on my desktop and my cell phone too. However, I don't >> want to be limited to one device type and I also don't care much for >> paying for the service either. After doing some searching, it seems >> Bitwarden is pretty close to Lastpass. Anyone here used both that can >> tell me if there is any differences between the two, bad differences for >> sure? The new restrictions don't start for a while, March I think, so I >> have time to switch. According to search info, I can even export from >> Lastpass and import to Bitwarden pretty easily. >> >> The only downside I've found so far is that Bitwarden isn't available >> for Seamonkey. Thing is, Lastpass hasn't updated the addon for >> Seamonkey in 2 or 3 years either so I'm using a older legacy version >> anyway. I'm not sure how much of a downside that is but I won't be able >> to use a password manager at all for Seamonkey. I hate to say this but >> Seamonkey is going to die if people don't start getting addons working >> with it. Firefox has tons of addons that Seamonkey doesn't. I like >> that it is a browser and email all in one but it is getting more limited >> every day. >> >> Anyone have info on switching from Lastpass to Bitwarden? Thoughts? > hmmm, I never got a notice like that, but I am a premium user, so > maybe that is the reason. It was worth it so I could give emergency > access. > This is the announcement. https://support.logmeininc.com/lastpass/help/what-can-i-expect-to-change-for-lastpass-free-on-march-16-2021 I suspect the reason you didn't get the notice, it won't affect you since you are already a paying user. While they may get some users to pay with this new setup, I bet they lose a lot more than they gain, user wise. After all, I was able to switch in well under 5 minutes. I have three Firefox profiles and a cell phone and it still didn't take long. Most of that was downloading the app or addon. If my DSL was faster, 2 or 3 minutes maybe. I spent more time composing my first message about this switch. lol I have my important passwords on a encrypted USB stick. If I get hit by lightening or something, I have a family member who can decrypt the USB stick and have the password and other info as well. To be honest tho, it isn't needed. My bank and such already has the paperwork needed to close accounts and take care of other things. Still, I'm not worried about forgetting or losing my password, I'd be more worried about it getting corrupted and not being able to login whether I'm a paying user or not. It could happen even tho I suspect it is very rare. I guess time will tell how well this works. ;-) Dale :-) :-)
Re: [gentoo-user] Gentoo system suddenly failed to boot.
ср, 17 февр. 2021 г. в 13:50, gevisz : > > ср, 17 февр. 2021 г. в 04:54, Edward : > > > > On 2/15/21 9:53 AM, gevisz wrote: > > > Yesterday, my relatively new install of Gentoo failed to boot with the > > > following repeated messages: > > > > > > ata5.04: SATA link down (SStatus 0 SControl 0) > > > ata5.04: hard resetting link > > > ata5.04: failed to resume link (SStatus 0 Scontrol 0) > > > > > > My first thought was that something is wrong with my old IDE (ATA) > > > drive. (The Gentoo system partition was on /dev/sda5.) > > > > What motherboard model is this? > > It is a good question. My motherboard is Gigabyte Ultra Durable > GA-MA790FXT-UD5P > and I had problems with it from the very beginning in the sense that it is > quite often doesn't see my SATA disks on the first boot (though, on the second > reboot it usually finds them). It is also quite often that it stops booting > the legacy operating system and automatically reboots before showing > a login screen. > > I bought it somewhere in 2006 together with a Gigabyte S-series GA-MA69GM-S2H > motherboard, which I have been intensively using every day since then and > never > had any problem. > > In contrast, the Ultra Durable one has been used very rarely and for > quite short periods of time. > So, I do not expect it to wear off by now. > > > Probably BIOS disk controller setting needs to be set to either SATA AHCI > > or something else? > > Well, I will look into but the problem is that it worked previously > with the same BIOS settings. > > Below is an account of what I have done so far. > > First of all, I copied the system partition from my ATA to the SATA > drive, updated the system, > recompiled @system, openrc and gentoo-kernel, which unfortunately had > no effect on the booting problem. > > At this stage, I started to seriously consider the suggestions above > that it may be a hardware problem. > > So, I returned to the initial ATA system partition, updated the system > there, switched off swap (in fstab), > reinstalled grub on this disk and tried to boot from it. To my great > surprise it failed to boot again > complaining about links to two my SATA drives that it was not supposed > to use at all! Correction: Of course, in this case, I have not reinstalled gentoo-kernel. So, it may be that the links to my SATA drives are still in the initramfs that was created before. (The swap was one of my SATA drives.) However, I used another SATA drive to try the system from there (with swap on it) with the same failure to boot. > And the legacy operating system has absolutely no problem starting > from the ATA drive now. P.S. Currently, I am going to remove my SATA disks from the system and try to reboot it once again. If it will not help, I am going to recompile gentoo-kernel on the only remaining ATA disk. (And, if that will not help, I will look for the hammer. :)
Re: [gentoo-user] Gentoo system suddenly failed to boot.
ср, 17 февр. 2021 г. в 04:54, Edward : > > On 2/15/21 9:53 AM, gevisz wrote: > > Yesterday, my relatively new install of Gentoo failed to boot with the > > following repeated messages: > > > > ata5.04: SATA link down (SStatus 0 SControl 0) > > ata5.04: hard resetting link > > ata5.04: failed to resume link (SStatus 0 Scontrol 0) > > > > My first thought was that something is wrong with my old IDE (ATA) > > drive. (The Gentoo system partition was on /dev/sda5.) > > What motherboard model is this? It is a good question. My motherboard is Gigabyte Ultra Durable GA-MA790FXT-UD5P and I had problems with it from the very beginning in the sense that it is quite often doesn't see my SATA disks on the first boot (though, on the second reboot it usually finds them). It is also quite often that it stops booting the legacy operating system and automatically reboots before showing a login screen. I bought it somewhere in 2006 together with a Gigabyte S-series GA-MA69GM-S2H motherboard, which I have been intensively using every day since then and never had any problem. In contrast, the Ultra Durable one has been used very rarely and for quite short periods of time. So, I do not expect it to wear off by now. > Probably BIOS disk controller setting needs to be set to either SATA AHCI or > something else? Well, I will look into but the problem is that it worked previously with the same BIOS settings. Below is an account of what I have done so far. First of all, I copied the system partition from my ATA to the SATA drive, updated the system, recompiled @system, openrc and gentoo-kernel, which unfortunately had no effect on the booting problem. At this stage, I started to seriously consider the suggestions above that it may be a hardware problem. So, I returned to the initial ATA system partition, updated the system there, switched off swap (in fstab), reinstalled grub on this disk and tried to boot from it. To my great surprise it failed to boot again complaining about links to two my SATA drives that it was not supposed to use at all! Of course, in this case, I have not reinstalled gentoo-kernel. So, may be, the links to my SATA drives are in the initramfs that still contains links to one of the other SATA drive. (Its swap was there.) However, I used another SATA drive to try the system from there. And the legacy operating system has absolutely no problem starting from the ATA drive now.
Re: [gentoo-user] Moving from Lastpass to Bitwarden
On Tue, 16 Feb 2021 19:04:01 -0500, Dale wrote: > > Howdy, > > Lastpass is forcing people to use only one device type or pay a fee. > I've used the free version of Lastpass for years and it works well for > me. I use it on my desktop and my cell phone too. However, I don't > want to be limited to one device type and I also don't care much for > paying for the service either. After doing some searching, it seems > Bitwarden is pretty close to Lastpass. Anyone here used both that can > tell me if there is any differences between the two, bad differences for > sure? The new restrictions don't start for a while, March I think, so I > have time to switch. According to search info, I can even export from > Lastpass and import to Bitwarden pretty easily. > > The only downside I've found so far is that Bitwarden isn't available > for Seamonkey. Thing is, Lastpass hasn't updated the addon for > Seamonkey in 2 or 3 years either so I'm using a older legacy version > anyway. I'm not sure how much of a downside that is but I won't be able > to use a password manager at all for Seamonkey. I hate to say this but > Seamonkey is going to die if people don't start getting addons working > with it. Firefox has tons of addons that Seamonkey doesn't. I like > that it is a browser and email all in one but it is getting more limited > every day. > > Anyone have info on switching from Lastpass to Bitwarden? Thoughts? hmmm, I never got a notice like that, but I am a premium user, so maybe that is the reason. It was worth it so I could give emergency access. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici wb2una cov...@ccs.covici.com
Re: [gentoo-user] Moving from Lastpass to Bitwarden
Hi all! I'm using app-admin/pass. There is an android app (password store) and if you have a vps server, you can sync it remotely using git. Or maybe with a wireguard vpn? The android app is maybe not as good as lastpass, but for me it's enough and free :) And I think the price should not change for the next decade ;) Regards, rba Le mer. 17 févr. 2021 à 08:04, Arve Barsnes a écrit : > On Wed, 17 Feb 2021 at 01:04, Dale wrote: > > Anyone have info on switching from Lastpass to Bitwarden? Thoughts? > > I'm in the same situation. I even paid for Lastpass in the past, back > when you had to pay to get it on mobile, but the price I'm looking at > now is way too high. > > From what I read elsewhere, Bitwarden seems well regarded, and among > the top choices for those choosing to switch now. I'd even be willing > to pay for a service like this, but Bitwarden's basic paid tier, at > only $10, doesn't seem to give me anything extra that would use. > Still, good to know that I could support them for a much lower price > than Lastpass. > > It's also a bonus that it's open source. > > People seem to find it really easy to switch, so at the moment I'm > thinking about just moving all my passwords and having both for a bit, > just to try it out. > > Regards, > Arve > > >
Re: [gentoo-user] Moving from Lastpass to Bitwarden
Arve Barsnes wrote: > On Wed, 17 Feb 2021 at 01:04, Dale wrote: >> Anyone have info on switching from Lastpass to Bitwarden? Thoughts? > I'm in the same situation. I even paid for Lastpass in the past, back > when you had to pay to get it on mobile, but the price I'm looking at > now is way too high. > > >From what I read elsewhere, Bitwarden seems well regarded, and among > the top choices for those choosing to switch now. I'd even be willing > to pay for a service like this, but Bitwarden's basic paid tier, at > only $10, doesn't seem to give me anything extra that would use. > Still, good to know that I could support them for a much lower price > than Lastpass. > > It's also a bonus that it's open source. > > People seem to find it really easy to switch, so at the moment I'm > thinking about just moving all my passwords and having both for a bit, > just to try it out. > > Regards, > Arve > > Since my post, I've created a account. I even imported my passwords from Lastpass which wasn't hard at all. So far, it works fine. Heck, I may even pay for the small plan. I don't mind paying a little for something but Lastpass doesn't offer any features in the paid plans I needed in the past. The only reason I'd consider it with Bitwarden, it's open source. I've donated to a couple addons that I use a lot in Firefox as well. I'm just a little picky is all. One thing I thought of, keep Lastpass installed on Seamonkey and just update the passwords as needed. Some passwords I only change once a year or so anyway. I can get the new password from Bitwarden, go to Seamonkey and update Lastpass directly or while logging in. Either way, it should work and I'd only be using Lastpass in Seamonkey which means one device type and even one device period. I suspect a lot of users are going to be moving from Lastpass because of this change. If their service was far better then people may pay it. Thing is, it isn't. As was pointed out in a couple things I read, they have been hacked in the past. What was taken was encrypted but still, they got hacked. Bitwarden is open source which means a lot of eyeballs looking at the code. For that reason, or a good part of it, it has never been hacked. It seems that with the Lastpass changes, Bitwarden will offer for free what Lastpass doesn't and be more secure as well. I like how these password managers work. I've read that even if a court order is served to Lastpass, Bitwarden or others that work the same way, all they get is encrypted files. Unless they can crack it, it does them no good. It's one reason I like using them. I figured if Bitwarden had any serious problems, I'd hear from someone pretty fast. As I continued to research it, I just couldn't find anything recent that was bad. Some say it is a little cludgy and all but at times, I want to strangle Lastpass. On a few sites, it just does not want to auto-fill or fill at all until I force it to by doing a lot of clicking and selecting. I've had a site or two where I had to go to the vault and copy the password and then paste it in manually. I don't like having passwords in my clipboard. Sort of negates having a good password tool. ;-) If anyone has some info on it, I'm listening. I'm sure someone here uses Bitwarden. Thanks. Dale :-) :-)