BitWarden is F(antastic)OSS.
this post was submitted on 31 Jul 2025
258 points (95.1% liked)
Technology
73534 readers
3767 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Aegis ia even better
How? BitWarden has great 2FA, but is also a password manager with good integrations, group sharing, etc. Plus when you log in with it, it auto-copies the 2fa to clipboard.
Assuming you've used both, so what does Aegis bring to the table? Wondering if I should try it.
For the same reason you usually shouldnt store 2FA in the passwordmanager.
Besides that Aegis has some features like automated (encrypted) backups when accounts are removed/added.
Also can use multiple different 2FA protocols (even Steam when your phone has root).
Fantastic, wish they prioritised stuff like this instead of AI but at least it's here now. Now please make a dedicated contacts app so I can stop using Google contacts too!
Yeah, I also was disappointed that proton wallet was for crypto and not credit cards. Unless someone can recommend an alternative to Google wallet, preferably from F-Droid
Google Wallet is not so much a "wallet" for your cards but a way to link your cards to their own payment service, Google Pay.
Both Apple and Google had a lot of problems convincing banks to accept their respective services, and even then many stores still don't support this payment method. A company with the clout and size of Proton has no chance to get their own service widely accepted.
The FSF (and RMS himself) wanted an alternative for online payments for ages, without crypto. An anonymous buffer layer between your payment method, like a credit card, and the vendor. I believe something was eventually released but it never took off, because unlike something like a NFC Wallet, vendors would have to natively support GNU's version.
I think you are referring to GNU Taler.
It recently started operating in a kind of open beta in Switzerland https://news.itsfoss.com/gnu-taler-swiss-operations/
Same, if they made a wallet for cards then I'd actually use my phone to pay for stuff
I started using Curve since I swapped to Graphene. Upsides: it's not google and it works fine. Downsides: it's a free as in beer app that (I assume) is selling my data.
I've read that Monzo used to have their own NFC payment app, but it looks like that isn't around anymore and they just integrate with Google Pay now. If anyone knows more about it I would love to hear it.
This is a more welcome addition than that stupid AI chatbot slop machine.
But I would still like to see them release Proton Drive for Linux already.
I wouldn't mind not having a native Linux drive client if they didn't block rsync, which used to work, and now does not. What a stupid decision.
Been using Aegis on android and managing my own backups but maybe switch or use for things I care less for just for simplicity
yes Aegis is awesome
Did anyone catch what the Proton app adds over all the already existing apps?
Looks like it has encrypted sync and desktop apps too, so that's nice if you need stuff on multiple devices.
The sync is the main thing for me. I already back up my Aegis library and upload that to proton drive. Difference in security for me is pretty much zero between Aegis and a proton authenticator app
Why its not available as apk or aab or on fdroid?
Promoting play store?
What's more, they talk up how it's open source and then don't link to the repo.
Here it is, BTW:
I saw it, of cource they didnt publish no apk or aab. I dont think a lot of people will compile from the source code, maybe like 0.05% of users
Ehhhh but they already have this in Proton Pass?
E: found this in the FAQ
Proton Pass is a password manager designed to securely generate and store strong passwords, and protect your digital identity with features like email alises and dark web monitoring. It also includes an integrated authenticator that can store and autofill 2FA codes - but not the ones used to log in to your Proton account. Proton Authenticator is a standalone 2FA app that allows users to enable 2FA protection for their Proton account, it also allows users to store their 2FA codes separate from their passwords if they wish to do so.
If you already use Proton Pass, I think I'd recommend Ente Auth instead. That's what I use.
You really should not keep your MFA codes in the same place as your passwords, especially if you are syncing those passwords between devices and/or a cloud service.
Yes that's why I said:
If you already use Proton Pass, I think I'd recommend Ente Auth instead
load more comments
(2 replies)
load more comments
(5 replies)
I've been meaning to get rid of Google Authenticator. Think I'm gunna go do that today. :)
Consider Aegis if you want an offline and secure alternative.
Is proton legit? I always see mix comments about them.
It’s legit. The negative comments are because the CEO supports US Republican politicians which is a red flag, but there haven’t been any operational reasons to not trust them that I’m aware of.
Doesn't support republican politicians. Congratulated the anti-big-tech appointment by a republican politician (Trump).
Definitely supported the Republicans. It was a red flag to hold opinions like this:
Here is our official response, also available on the Mastodon post in the screenshot: Corporate capture of Dems is real. In 2022, we campaigned extensively in the US for anti-trust legislation. Two bills were ready, with bipartisan support. Chuck Schumer (who coincidently has two daughters working as big tech lobbyists) refused to bring the bills for a vote. At a 2024 event covering antitrust remedies, out of all the invited senators, just a single one showed up- JD Vance. By working on the front lines of many policy issues, we have seen the shift between Dems and Republicans over the past decade first hand. Dems had a choice between the progressive wing (Bernie Sanders, etc), versus corporate Dems, but in the end money won and constituents lost. Until corporate Dems are thrown out, the reality is that Republicans remain more likely to tackle Big Tech abuses.
He's not wrong about the Democrat party choosing the establishment over the progressive wing, but the idea that he supports the Republicans as being more likely to reign in tech companies is so laughable it's not even funny, and makes you wonder why Andy Yen believes it.
What other commenters have said before though is true: aside from this incident with the CEO, Proton has been careful to stay politically neutral and on message... It damaged their public trust but didn't destroy it.
load more comments
(1 replies)
There are no very clear reasons to distrust proton, but is it just me that finds them releasing a 2FA app kinda disturbing? Like, why waste the resources? What could they do better than Aegis, which is already FOSS and privacy preserving? If there is no reason, than I have to wonder if the hidden reason is to get more data into their ecosystem. Which a privacy focused company shouldn't care about.
I am probably just paranoid but I don't trust Proton.
Yes it’s just you. They released a 2FA app because it complements their existing password manager and because Google has one. Since Proton is positioned as a privacy-first alternative to Google, it makes sense they’d launch competing versions of any given app or program Google does. A 2FA app also wouldn’t capture any kind of personal data.
What could they do better than Aegis, which is already FOSS and privacy preserving?
Have an iOS app for one.
But also like what could they do better than Tutanota mail, Which is already privacy preserving? By your logic Proton shouldn’t exist at all. Is it your opinion that non-privacy respecting software should have lots of competition and options but privacy respecting ones should not? Can’t say I agree with that.
Why release this? Because they're building their own ecosystem. They're trying to build an alternative to the big players, which means they need to have an alternative to all their major products. Maps and YouTube are probably off the table for now, just because of the sheer scale needed for those, but something like this is achievable.
Is Aegis better? Maybe, but that's not really the point, it's part of a family of apps.
load more comments
(2 replies)
It works, has minor quirks, but it has replaced a lot of things for me, switched from Google gmail, drive, and calendar to Protons and it has been good. (Though the whole Lumo AI release move confused me) Oh yeah VPN too, well for other countries, still use my wireguard vpn when traveling.
But personally, I'mma continue sticking to Aegis as my authenticator app. (Can't recommend it enough)
Aegis is my go-to. But I also have two phones - my personal Pixel and a work-issued iPhone. I need 2FA on my work phone, but Aegis doesn't support iOS. Proton came through here. It's open-source, too.
Ente Auth is cross platform.
Hmm... I'm not sure about having an authenticator app on a desktop computer.
Like you are putting all your eggs in one basket. Password managers, and your emails already go to one place for authentication. Adding an authenticator means if your computer is compromised, a person can have access to more accounts.
I always figured this is why desktop authenticator apps aren't a thing.
The alternative for people who want a convenience factor is putting it all in the same location. For example, the only thing Authy for desktop closing did for me was make it so I no longer had an isolated app for both 2FA and passwords, because now it's just all in my password manager.
I don't always have my phone on me 24x7, so the inability to access things on my desktop is a massive nope for me.
The way I looked at it, it's no different than having a mobile device with a password manager on it, because if someone steals your mobile device, they have access to everything as well. So the two-factor authentication apps shouldn't be on desktop argument never made sense to me, mobile is the same way.
This application might make me go back into having the two isolated systems, because it removes the massive inconvenience factor
load more comments
(6 replies)
No company phone = Me using a desktop app for work related 2FA.
Not my problem.
Well hopefully the 2FA data is encrypted and the app requires a pin or password to access.
Plus my password manager also needs a pin after it times out, and my computers all have their drives encrypted too.
It's plenty to stop casual thieves and such.
load more comments
(4 replies)
view more: next ›