Quiet Changes in Bitwarden
(itsfoss.com)
PrivacyI have been using Bitwarden for around 7~ years. Subscription for this long too, at 10USD p/year. I will be switching due to lack of transparency, and would love to hear others thoughts on this.
The linked article goes into further detail, but here is a small summary that very much concern me / are sus:
- that 10USD per year has gone up quietly . I just checked and I have no email telling me it's increased. It renews in like 2 months, so this is good timing for me
- Originally Bitwarden had values as apart of the acronym "GRIT". Gratitude, Responsibility, Inclusion, and Transparency. They have changed the last two words to "Innovation, Trust"
- There is now a new CEO, this was not announced and the only reason people outside of Bitwarden know is that someone saw this change on LinkedIn
- The free tier momentarily disappeared from their product page for about a month (april14-may14). People were likely still able to make free accounts during this period. Bitwarden says it was a marketing mistake
The price hike is one thing, but for me the acronym change is most concerning, which is why I will be looking at another password manger (probably keepassxc)
That's it. Thank you for your service until now.
This is the email I received at the begining of the year when there were multiple articles about the price increase.
I think it's important to note that you may have missed or deleted the email, or it potentially could have gone to your junk folder, but they did send out emails letting people know.
If you or someone you trust happen to have a home server, just install Vaultwarden, which is the community fork of Bitwarden without any fees, shady stuff or reliance on Bitwarden infrastructure.
If you look real close side by side there is a subtle difference....
Suuuper easy to stand up, took me about 20 minutes to get it up and running
It got bought by a company owned by Vista Equity partners, a private equity firm.
The loss of values happened at Citrix when it was Vought by Vista. They installed Tom Krauseasthe CEO to gut it from the inside out.
Everybody should have an exit plan ready to be able to leave bitwarden
Bitwarden got bought by private equity?
https://techcrunch.com/2022/09/06/open-source-password-manager-bitwarden-raises-100m/
No, they took $100 million in VC. Never a good sign imho.
Migrated to Keepass shortly before the price increase ( not because of it) just for the reason of wanting my vault fully offline. Seeing these changes at BW still makes me sad, was a long time paying user & truly enjoyed it
Keepass is fantastiic, my vault is pretty static so just manually copy to other device as needed. And of course, have your full backup plan in place as with all things
didn't KeepassXC go full into vibe coding?
https://lemmy.world/post/47036606/23815574
otherwise that would be the most appealing alternative to me too
I mean they recently posted a pretty reasonable explanation about their usage of AI (https://keepassxc.org/blog/2025-11-09-about-keepassxcs-code-quality-control/ ).
I'm not sure what the guy in your link is referring to since he didn't provide any additional context.
thanks, I haven't seen this before
The CEO apparently is a big private equity guy, and those bloodsucking ticks only know how to do one thing: Suck every last drop of money and goodwill from the company and its customers as quickly as possible.
Breaks my heart, I've been a massive Bitwarden advocate for years. Been happily paying for the individual paid plan. I'm now working on setting up KeyPassXC with syncthing.
Does KeyPassXC have passkey and TOTP support?
Yes. For passkey, you need to install the browser plugin and enable support in the preferences.
Do you know if I can get KeePass working on both PC and Android in sync with Syncthing?
I have been using it that way for years and it works well (for this scenario no problem). Only recently I switched from Syncthing to using mounted SMB share. I switched partly because of the Syncthing for Android maintainer switch (though I still think its safe) and because Syncthing sometimes didn't sync on my Iodé custom rom and I got tired of having to open the app to sync.
I used to do that few years ago. It worked very well. Never had any issues. I've used KeePassDX on Android and KeePassXC on Linux.
The price is still reasonable for me. I don't want to switch services because they might enshitrify someday.
Lol.. From Transparency to "Just Trust Me Bro".
Totally agree. I've been a multi-year paying customer of bitwarden for the family, always happy with their service, especially when compared with the 1pass I use at work. But that CEO avatar picture alone gives me enough bad vibes, let alone his credentials, the acronym change, so yea I too reckon I've been putting off the switch long enough now.
I came from keepass, can't go back there, even if I now have syncthing set up everywhere. Also, how would that work for the family, you force everyone to set up their own file and hope they manage it well? Highly doubtful.
I saw aliasvault pop up too, this last week. Haven't looked into it yet, and although a great contender, it's probably too young to seriously consider.
These are the alternatives according to selfh.st/apps :
- Vaultwarden
- Password Pusher
- KeePassXC
- Passbolt
- Infisical
- OpenBao
- YeetFile
- AliasVault
- OrigamiVault
Anyone here had some bad experiences with any of these?
still in beta (stable) but im using aliasvault for a couple of months now and i don’t have any issues
vaultwarden allows you to keep using the bitwarden client i think, just with your own server. should be the most seamless for the family.
If bitwarden went completely rotten could they cease and desist vault warden?
I'd asked a similar question. Basically, the response I got was: if the something goes sideways, the community can hard fork all their clients and use vaultwarden as a server (their current licenses would allow that).
Another suggestion was that you can always use the web ui bundled with vaultwarden directly (heh, I've been using vaultwarden for years and I don't think I ever used the web ui - just the applications, CLI, browser extension).
Switched from keepassxc to vaultwarden a while ago (mostly due to the horrible syncing experience, and to use the same password manager as my family so I could help out better).
It's a selfhosted and open source version of the Bitwarden server, you'll use the (open source) Bitwarden clients. So its all features of Bitwarden plus full transparency
Password Pusher is no password manager, only for securely sharing information.
Running on Vaultwarden, though that still depends on the official BitWarden Clients. Works great though, and can be selfhosted on pretty small machines. Very satisfied with it.
Passbolt was not on my radar when I was in the market for a new password manager, but would be a serious consideration today.
If considering a self hosted alternative, remember that backups are your responsibility then as well.
I’ve been very happy and impressed with Proton Pass.
Yeah, I switched to KeePass for the same reason. The only way I trust software is if they'll show me the code, and the only reason to replace "transparency" with "trust" IMHO is because they want to go closed source. Innovation also tends to just mean 'we're going to be charging you for features that used to be free '
It much work to get all the names and passwords and stuff from BW moved over to keepass?
Not really, just had to install KeePass on my computer and export my bitwarden passwords BW makes that easy to do) and import them to KeePass. I haven't set up the browser extension yet, as at a glance it says it doesn't work with browsers installed with flatpak and that's how I have LibreWolf installed. Setting up syncthing was also pretty straightforward.
Out of a desire not to switch, I'm going to ask what I know to be a naive/dumb question: what's the worst that can happen? It's a mature gpl codebase
They become another LastPass.
Was LastPass open source to the same degree that Bitwarden is? It's super easy to run your own Vaultwarden server already, and it shouldn't be a problem for the community to fork and maintain unofficial clients either. Doesn't seem like there's much Bitwarden as a company can do about that, even if they wanted to.
I'm surprised that nobody has (meaningfully) forked the clients yet, it seems like all the warning signs are there
When the clients start changing for the worse I'm sure there will be forks..
Yeah for sure, I'm just thinking that it can be a little rocky to get governance and contribution processes set up, sometimes those last minute forks flop because the person who decided to advertise their fork ends up being ill equipped to handle running the project. If we can get a libre warden client project working before hand then it'll make the process a lot more seamless when issues with bitwarden arise.
In the same boat as you.
I don't like how it's changing, I also don't like how the UI is changing and, sadly, as a EU citizen I can't trust it any longer since it is made in the USA.
But I'm no hurry to switch. I mean, I won't rush or worry about paying one more year subscription if I have to. I'll try alternatives as long as I have too. So far, there is
- the Canadian 1Password and
- the non-synced/local but free to use KeepassXC that are standing out.
Both work with Linux.
non-synced/local but free to use KeepassXC
I sync it with Synching with no issues.
Interesting! What do you use to open it on your phone?
KeePassDX-libre
Disappointing, but I'm still going to be running the free tier of Bitwarden for the time being. Thanks for the heads up.
Oh that really sucks. Does anybody know any alternatives that support Addy.io integration and shared vaults? I use those heavily
I've already decided to move away from Bitwarden for these reasons but I'm still looking for what comes next.
Curious what did you move to?
I am looking at aliasvault.net or keepassxc. Vaultwarden I'm not super interested in either as one of its big developers works at Bitwarden, they could be pressured to stop working on it etc. Potential conflict of interest
That’s true, but as long as I have it hosted locally and it keeps working I’m fine with it. I have really gotten used to the bitwarden client simply working on all the devices/browsers.
Exactly. We can just fork it, if the need ever arrives.
There's no reason for is to suffer through a more clunky solution when this is all open source.
That's a good point
https://psono.com/
although its advertised as self hosted & for companies, you can create a personal account on their server.
That's cool I haven't heard of that one. I personally will be avoiding Enterprise products from now on since Bitwarden
fair enough brother, Keepass + syncthing is a great alternative also:
for PC: https://keepassxc.org/
for Phone: https://www.keepassdx.com/
for syncing: https://syncthing.net/
Just FYI there's two KeepAssDX versions in FDroid: the square key and the round key logos. The round key is the Libre one you want, whereas the square one is aka the Google Play version. IzzyOnDroid mirrors the square one and it shouldn't.
Are you sure it's not the square key one you want? I just checked and that one is available from both Izzy and f-droid itself, whereas the round version is only available from Izzy (though that one has foss in the name and the other doesn't)
The repo does mention "free" and "libre" apks and it would appear the only one available on Fdroid (as far as I can tell?) is the libre version.
Edit: I mention it because the official website has round logo, but this version doesn't so not sure that's a good indicator
