25
posted ago by christianknight ago by christianknight +25 / -0

Considering switching to them. What prevents their servers from getting hacked? Or their own staff from peering into my data?

Comments (10)
sorted by:
5
krzyzowiec 5 points ago +5 / -0

Well anyone can read their server / client code, so that’s a plus. You always have to have faith on some level though. For example, you can see the source code, but how do you know they didn’t add anything before compiling the binary? You don’t and it’s not really a feasible thing to test.

If they indeed store the encryption key client side, then that’s a very good sign. If they do local encryption then their employees would be unable to read your data. If they were hacked, the hackers would only get access to your encrypted data anyway.

4
deleted 4 points ago +4 / -0
1
christianknight [S] 1 point ago +1 / -0

ok I will look into it.

1
deleted 1 point ago +1 / -0
1
grumpylicious 1 point ago +1 / -0

I just run bitwarden server myself. Just launch it using docker and you're golden.

1
BigBrassBowls 1 point ago +1 / -0

They’re the ones who claim the data is encrypted on your device and only the client holds the keys right? Encryption is getting easier to be broken. If you care about your privacy you should assume that once the data leaves your hands it is potentially going to be cracked

1
christianknight [S] 1 point ago +1 / -0

I know people who store their passwords in a single document with a random name in the open, this cant be worse can it?

1
BigBrassBowls 1 point ago +1 / -0

Well, yes that’s not very wise either...

1
christianknight [S] 1 point ago +1 / -0

my biggest problem is the new passwords, services are requiring new and more complex passwords and I can no longer remember all the variants. Getting locked out or having my accounts frozen after 3 tries doesnt help either.

1
actual_physical_kelp 1 point ago +1 / -0

I use bitwarden. I don't run it myself. It works well. I would trust it over saving passwords in your browser. Nothing is completely secure, but that doesn't mean that bitwarden isn't a good product. Plus, free unless premium which is just $10 a year.