Bitwarden Open Source Password Manager Review and Why We Moved From LastPass

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

It's good to see a YouTuber / MSP move away from LastPass to a great open source alternative.

👍︎︎ 15 👤︎︎ u/[deleted] 📅︎︎ Jan 24 2020 🗫︎ replies

I just switched too so far so good.

👍︎︎ 5 👤︎︎ u/totmacher12000 📅︎︎ Jan 25 2020 🗫︎ replies

The best decision!🔥💪🏻 open source FTW!

👍︎︎ 3 👤︎︎ u/mstroiu 📅︎︎ Jan 25 2020 🗫︎ replies

Captions

time here foreign systems and we're gonna talk about bit warden the open-source password manager if you want to learn more about me or my company however to learn systems calm there's a higher spot in the top if you like to hire us for a project if you would like support to chain a lot of ways our affiliate links below for products and services that we talked about on this channel that often gets you a discount I don't have one though for a bit warden and this is me talking about bit warden because we switched to it there's no paid endorsement I know no one at bit warden I'll just make sure that's out clear there I will disclose ever as always if something was ever a paid endorsement but my positive review of this I'll just let you know yes I like it yes I use it for those you too long didn't watch people it's a great password manager now previously I've done several videos on LastPass and to my knowledge there's no flown flaws and LastPass I'm not switching because I know that there's some major security problem with it and I have also done videos about security problems found with LastPass and how fast they were at fixing them was really impressive it's a solid password manager I don't think LastPass is a bad product but I when possible I always like to prefer an open-source product and a lot of people have asked me why I'm not using bit warden well my first answer which was solved was the fact that bit warden was not code at code audited and when companies make a new product it doesn't necessarily mean I been going to trust all of my most important passwords to that product that's obviously Trust has to be earned and in security trust has to be audited make sure that was this program written in a secure manner now both LastPass and bit warden LastPass being one the first to market making them one of the biggest and why they're so popular and they do make a good product it stores the passwords in a vault so there's a supposed to be and to my knowledge is a zero trust that means zero trust is you decrypt within the browser so the passwords are decrypted by you through a master password and not the LastPass system itself or in this case pit warden so what they're going to each of these companies do is have a business model where they hand handle passing and storing the encrypted vault and your master password that you said decrypts the with them having zero knowledge and this goes back a long time from a business model standpoint back to lavabit lovara Levison and they realized that well he had the passwords and could decrypt some of the encrypted email that lavabit had therefore the government was able to compel them or even attackers could possibly get hold of those keys LastPass decided in their earliest inception that they would encrypt it without knowledge of understanding what the passwords are because you can't compel LastPass to give up a password with all the information in it if they don't have it it worden built on the same thing but they decided to make it open source so while LastPass has gone through a code review as well and is vetted by third parties it's still not an open-source product so now we're gonna dive into MIT Wharton which is an open source product and which has completed third party security on it this was a very important step to me and this happened I know a little while ago but I still the pain of switching well I thought it would be more painful than was it was kind of like well we have an entire workflow I have shared passwords between my team here at Lawrence systems and you know LastPass was a great solution because well it made working very easy so let's start here at the front page solve your password management problems the easiest and safe ways for individuals teams and business organizations at store and share and sync sensitive data install now it's free so their business models very similar to other pasture managers there is a complete free version they will host the vault and you can create a free account which I haven't we're going to demo it and they also have a pay model where they do enterprise solutions where you can dive into and will actually just look at it real quick so you don't understand the pricing and what you get when you dive into the enterprise it three dollars per user per month is actually a really that's really reasonable I think for the amount of features that they offer on here so user groups direct your sink on-premise hosting event audit logs API access multi-factor with TOTP and of course things like duo security and Yui keys and they have a lot of other features there which is awesome if you want to go into the higher end model the free for user allows sharing up to two users so if you and one or the family member want to use this and share passwords securely between each other that is supported right and free version the we planted a dollar a month for five users yeah that's just really inexpensive now this is where some people sometimes people complete things they assume open source always means free the code is all free the code is all on github they're doing the hosting and things like that that's part of what those fees are for so those fees that come into this if you want to grab all the source code and build it all yourself absolutely they have made 100 percent of the source code available it's all right here documentation and everything the apps they have everything so I'm throwing it out there for those that always seem to ask that question when companies charge for certain things you're paying for some of the hosting and some of the features and they do have some premium features that do require licensing if you self host this as well but if you wanted to spin the source code and not just download it from docker yes you could remove the licensing just so I'm clear on all that so we're up front create a free account easy enough to do I have one created over here Morgan go into vault for a second syncs between all the devices that's awesome desktop apps they have a Windows Mac and Linux app web browser extensions for Chrome Safari Firefox with all the brave tor browser edge and opera like I said mobile app command line that's actually kind of cool too and of course the web vault and of course here is the open source statement check out Orbitz hub and they have everything on there the docker images this is the self hosted system and I'll cover this little bit more at the end but you the the self hosting is great on this it works really really well I we have it set up and then we chose the self hosting to reduce our threat service I mean right here's the personal premium accounts a couple extra things that you get both of them and this is where sometimes people have confusion yes you can have two-factor authentication without the premium account what they're talking about here to TOTP Authenticator and key storage I don't use this feature it's kind of novel that they can do this and we'll cover what that is is basically it allows you to save your totp your time based authentication passwords and have it create them but that kind of breaks certain rules of two-factor and I'll playing that and shortly here and more details about the whole system I guess the company's very open open-source their business model is really really clean and they're got a really solid system that has now been invented now let's look at like the desktop app I have it running a Linux here I have a demo account set up on here so you can go through and see I got a couple logins saved in there we're going to cover them in a couple different ways but I didn't find any problems with the demo account or setting up a demo account and running it and an application here in window I've also got the browser plug-in setup here and well actually one of the cool things is you can this says this both for Chrome and Firefox this allows you to pop it out like this so I can just you know use it and have it without loading an application have it popped out and do look at my vault look at the collections and things like that and of course then we can log into things via the actual web vault right here which I got to get the password to an unlock because it timed out and I put a really long password in there now this is also something I've found kind of interesting is you can be logged in here and edit things and not at the same time be logged into the web version they keep these things separate so you can go to vault dot but warden comm when you're running this and it decrypts it in there now an interesting thing about the way it decrypts just so you know when you send your master password they bring what they call the encrypted blob to the browser and they aren't getting your master password back there doing the decryption in browser this is how they keep from knowing your master password they've developed in the system once again it's open source and being vetted they develop this so they don't send the master password back to them to decrypt it because then well then they would have your master password and if they had it they would be compelled or it could be compelled to do it or the risk of them being attacked would allow people and attackers potentially get in so let me log in here and get the password real quick all right and I'm logged in so no matter which one I log into they're all in sync with each other all the time so this was the popped out with the Chrome extension I have just a couple things saved in here just this is just the demo account this is where you can look at the generator you can import data matter of fact this is how you would switch it last pass and wow this was easy I think I have over I burned them down right around 700 passwords that I needed copied over when you run into the export you just go to export with LastPass and they link to the article of how to export from LastPass you copy that and paste it in or you can save it as a CSV file and it imported flawlessly I was dead part was way less pain than I thought so switching was actually really really easy for me and my understanding is switching from some of the other ones is easy now you can also on the other side of this export your vault in exports in JSON or CSV you put your master password in there and you can then export the file and then you have it it's in a JSON file or a CSV file if you wanted to put it in a spreadsheet they do I like any company that supports a solid data Liberation process which means I can get all the days that I put into this product back out of the product if I wanted to then I can put it somewhere else if if I wanted to do so now back to a couple of features of the vault so we're gonna look right here well let's go and edit this actually this is where this is a premium features this is right here the rolling tott OTP numbers so if you have a premium account you can put this in here that means your username and your password and then the third-party authentication that extra token could all be stored right in here to me I mean I think this is a great convenience but security and convenience are always at odds with each other doing it this way means if I stored this in here and somehow someone got into my vault because I've been compromised my master password was compromised someone figured it out and they figured out how to get into my vault they now have the pieces of information both of them needed to log into my next piece of account for example right now because I don't keep my TOTP Authenticator key in here if they were to get in and I was on a site that also had a third-party authentication it would stop them from doing it because they would need my external which in this case is my phone which has the rolling numbers on it so leave it up to you if you want to put that in there I think it's cool that they offer it I think it's a bit risky now other things about the interface this is the test in four pfSense easy enough now what about if we wanted to do another custom field this is another feature so we got a notes field here but let's say the other password some other key that you might we'll see the VPN key because we have that created separately and we'll put some random junk in here and just like that but now we hit save and now what we've done is when we go and look at this particular item I can not have it exposed but go in here and just copy the value for the VPN key because I wanted to store some extra piece of information about this site login maybe those are security questions you answered this can all be stored in here maybe there are some other pieces of information that are pertinent to whether it's a firewall like I'm doing as a demo here is it's a PF sense box or whatever that is sometimes sites have a few extra questions they want to ask and maybe you want to have those as a text maybe you want to have those as hidden to copy and paste the answers and a series of questions that you answered now not answering those questions the same on each site when they ask you like what your mother's maiden name is this helps to do that so you can come up with a random answer for every website so to many places use that mother's maiden name or some type of arbitrary information that you can probably find about a person that's why it's better to make things up but then you can't just make them up and forget them because then you wouldn't be able to get back in if there was our problem so making them up and saving them inside of here and having a series of fields great way to use it it does support full organization of things like folders so you're able to I don't have any created in this demo account but you can organize everything into a series of folders like my social media accounts or my web accounts or my server accounts now the difference between this test and this time log in our one belongs to an organization and one belongs to me this is where I think they did an amazing job you don't share passwords based on the object inside to here so if each password let's say is an object so we want to share this with someone else we can but normally the way you would do it in LastPass just and I don't know every password management LastPass to do is it's kind of like I want to share this and would have a list of users that I shared with it they break everything down in here a bit warden using I really this is just great so we create a new organization we'll call this one demo - so hit that warden demo at Lawrence systems comm and this is where the licensing kicks in and this applies to self hosted or not tell others what makes it very clear free limited to users including you so it's really just you and one other person limited to collections you can only because each organization then can have a collection underneath it and if the free plan only lets you have two collections the collections are essentially like folders underneath it so maybe some are related to the business or however you want to break those down maybe the department if you want to consider an organization a company and then maybe you create a series of departments under there and there's full granular permissions for each person you share this with which is actually really nice you can then upgrade to the family plan for a dollar a month really inexpensive with the family plan on premise hosting is an option because once you create these this is the nut god show but it's something that I was a little unclear on but reading through and now I've set this all up I understand a little better now you can get in on premise license the way you set an on premise if you want to self host this up as you would create this here create the account by the family plan even though you're gonna use self hosted you still have to create an account with the same name so the usernames gonna be your email address so I had to create one with my email address at bit Wharton I had to buy the plan even though I don't keep it in their vault because I'm hosting it myself you have to buy the license here then you get to download and export the license and then you import it into yourself hosted and the email addresses have to match just FYI on now that was the part I was a little bit fuzzy on that maybe they could add to their documentation teams teams is cool but downside about teams the on-premise hosting part missing so for a business I was thinking hey the team's account seems like what I want oddly you don't get to some on premise hostess so you can buy the team's account host it what their vault but teams doesn't allow you to download the license neither does the free plan you can't create an organization without a license for the on-prem so you have to go with the enterprise one which does have on-premise hosting but at three dollars a user per month each really reasonably inexpensive so that's for a business use case I that's just yeah great price especially because you get all these features that you want for a business anyway unlimited collections share with unlimited users and control user access with groups track changes and log audits they give you well all the business and enterprise class tools you want to create a shared password manager that they don't even host so yes I said in the beginning they're a trusted company but if you want to reduce your threat service more you don't even publicly expose your bit ward and server in any way that way in the future if any flaw was found you have self hosted this and the only way accessible in the way we set this up is internally with the VPN so it's completely locked down to an internal network with a lot of access restriction rules around it therefore reducing if they're for example was a flaw ever found in bit warden I'm sure they would be quick to fix it but not having an exposed means it was never a chance to exploit that flaw so there's important reasons you may want to do it it's not for everybody in a matter of fact they're hosting I've been I'd sub some demo accounts and tried a few things with their hosted version a matter of fact I moved all my personal stuff that I you know games and stuff I play Altidore hosted version that they offer the hosting for and bought it as a premium and I'm thrilled with it it works great it's fast I've not any issues at all these who never really saw it platform so with all that go back over here go back over here and how do we get things in and out of there well it's kind of a one-way operation I bring that up because right now I own tests but the demo org here Bowens Tom this other login and so when we log in and we'll actually go here and log in and out just this was handy to have so if we want to log in we've got two options because I save two different passwords here so at the time one which we can log in right here all right now logged in and then we're gonna log out and this can be really any website this was just handy I happen to have this sitting here with pfSense we did the login over here with a little button and now we're gonna login with test then we can login with that now test is owned by me but anyone who I shared in the demo organization so we look at and we can invite some user we invite this user this is the owner and so I have full permissions but then the demo user another menu would pop up and let us granularly control all the permissions of who can see what inside of here I didn't want to show this on mine because it has all my staffs email addresses in it of how he delegate this out and that would be more than I'm willing to share today in terms of that but then you can break down with that premium one each one of these you can go through and granular your permissions but once this gets moved into and let me show you how to move something in there we'll move test in here now as well we're gonna share what collection default collection over would demo you can have as many collections you want everyone organize them this is a one-way operation once you've taken something in it's not in your vault it is now part of the organizational vault it does give it a little sharing on there but it I didn't see any way to remove the share once it's done you you have to copy you have to reset it up back into your account you're a personal one once it's in the organization so it's just kind of a only feature I really complain about so to speak would be that that I wouldn't mind be able just to take something Ivan Oregon say I don't want to share that anymore so once you decide to share something you've shared it you can delete it out of there no problem but there's not a way to say move this back over so Tom owns it it's not shared with the group that is in that organization so just a little FYI now now a few other things they have in here that's also really nice the organization's work just like the vault so under my vault I can say I want to create a new login I can want to look at cards I want to look at identities so let's add an identity item so identity items gonna be I want to put in my title all the information so when I go to a website you just can fill all this out email address phone you know and I have one of these filled out for my business card add item we can put different cards in here I and we can you change it as you go down right here so name folder cardholder name Visa MasterCard etc etc custom fields that you may want in there who owns this item is down here at the bottom and this is what I really like so we do need to share certain card information and stuff like that with our vault so we put things or I should say I do I put them in the shared folder right from the go so I have certain things I want them to fill out I have cards I want to share with my staff when you want to share those cards I just throw them right into the shared organisation and the staff members that have the permission for that particular folder now have access to be able to buy something and use one of the company credit cards right from here and fill it in this is really solid the way they did this this is just I really like it now let's demo real quick what it looks like to actually so make sure we log in as Tom so we'll go to choose the Tom login here and actually let's delete the other login so delete the test login so back to all items and even though it's in the shared one it is - yep well going to delete that I don't you know what the password is for test doesn't matter though so make sure refresh the page yep there's only one login now we're going to choose the Tom login and this is my demo server so yes that password is that short still can't have it but it's short because it's a demo server for this particular demo I just spun up so let's go over here to use your manager now i granted you'd be doing something completely different if you're creating a login for a site it has these type of options but we'll use the password generator to show you how it works so we'll go here I'm just going to hit over the generator and you can choose some of the options longer however you want the password to be this seems like enough characters right here do you want it to have which characters upper case lower case minimum amount of numbers special characters avoid ambiguous character so plenty of little options you can do there and keep it regenerate till you see I think that looks good so we're gonna copy the password password copied and we'll just paste paste now because this field is labeled password just by me hitting save here even though I've already got Tom saved it says should bit 1 remember this pasture for you yeah save it so back over to bit warden here back over to my bolt instantly it saved right there and by the way I've left this open in a background it's saved right here it is in sync so as these changes are happening the pit Warden tool right here is syncing all of it and it's working all in real time for anything that we add and now I can have this in my vault and we can see the password it generated right here be able to view it and away we go it remembers the thing now something about mass detection is kind of cool too this is really nice that they have this built in here you can change the default rules on it but you can have things like I want it to be an exact match for this so only use this password when I'm at this particular URL or you can edit it so this or URI is exactly this so you can say I want it to be exact match for this and this is kind of a nice feature as well and that you can do this on easily do this on a per item basis so I really like that now the last thing I'm going to talk about because I mean we're into some of this it's these are a couple of our premium features that I guess we can cover real quick like exposed pasture report reuse pasture report week password no they don't just send your password do have they been poned they create a hash of it and do a hash comparison so I thought that was nice that they built those things in that's definitely really cool in under two settings this is where you have some of the other options to change the billing options lock options your organization's everything else billing 2-step login they support with the not paid this is 100% free one here Authenticator app and I'm using that Google authentic hereabout Authenticator plus I don't know if I did a video on and out but it's a great app to use for doing TOTP authentication but they have all the support for that you can also have your verifications emailed to you but this is way better to do something like this right here but please note if you ever lose the password to this or lose your authenticator app key and all that you're not getting back in they can't help you they don't have your password so it's really important when you set this up initially and create the master password that you just don't lose it now finally let's talk though about how you self host bit warden and this has been great oh yeah let me close this window but yes they have a bug bounty program I guess we can just mention that worth mentioning for sure all right do you have a breakdown for like I said they have license fees those license fees well they do apply to self-hosting just want to reiterate that just because yourself hosting it you would have to recompile the code to remove the fact that it requires a license for certain other premium features the codes available have at it guys installing and deploying this this is really well done they've done a great job so too long don't read right here just all you really need is your DNS records to point and have ports 80 and 443 open so if you want to self host this your domain you know you call whatever you want pit warden got your domain calm really straightforward they have a great installer that is very very automated and what this does is grabs this really basic bit warden - a script it goes to the bit more downloader it grabs this the only prerequisites are docker docker compose I built this running a server running wm10 no problem I didn't load anything else on it it's a bare-bones I loaded dr. on it that's it and I wanted to create this with the absolute minimum so once you want to install into play bit cordon run their tool here then you run bit board and install start and away we go and then you have a couple options of how to do this in PowerShell how do this if you want to adjust things now this is a part that I think is really great they did an excellent job now this is best practice in docker anyways they do a solid job of separating data from runtime environment so you're when you build this all in docker and this is to me absolutely great like I said I I'm just happy with the whole way they have you know here's how to setup doctor-doctor compose installed a bit warden I can run through some of this but they have and it grabs all the proper docker images that are nice built compiles you're not compiling into the code but they create a separated data folder so your data folder is located in wherever you download install this and then docker runs the docker images get updated whenever there's updates but your data stays safe by the way when it comes to backups inside of this virtual machine that I create the create a backup folder every night it creates a backup of my bit Wharton files you can also yourself all you have to do is grab this BW data folder that it creates and away you go that's all you have to do to back it up she's keep backing up BW data and and pretty straightforward also they have things like this when you go into the environment available under BW data environment you set things that you need to have set up so SMTP dot SendGrid port 587 username API key sign API key etc etc but one of the things is very important if you self host if you want the self hosting any work properly you have to have the mail server setup that's why they have these in here that's one of the reasons are pointing this out even if you sell post when you create new users you can't even activate the premium license fee because you download the license from your logged in version of bit warden you then log in to your self hosted version and then you put your license key in but the license key has to match your email address and your email address has to be verified that's an important step so make sure you have access to a mail server that you can send information through and there's a lot of you can search for different mail server types that work for this but you know is make sure you have this right now as of right now but not in the future you probably could use something like google less secure apps look that up but Google is also my understanding deprecating less secure apps so that may work for now the other thing you need to email to work for is when you invite others to share so you have other users like for my team for example as they create accounts on here I needed to share the keys with them to put them in the different organizational groups and the different collections that also is an email generated now once they're shared you don't really need a mail server anymore but you will get mail notifications unless you turn them off for new logins and new login attempts which I do like quite a bit so here's a few of the other script commands and they made this really easy so what if there's a new version of bit Morden how do you update it well that's actually pretty easy update all containers in a database they have an update update the main script update all containers without restarting and running innocence and rebuild them there's also a standard Figgy ammo file so you can edit the config and once you edit these configure these environments please note this as a docker thing that you need to rebuild the docker because once it starts all this instances and grabs the latest versions of them it uses the config files but you have to start and stop them again and rebuild them to say hey grab those config files again because I made changes they do also offer instructions on the entire manual installation and when it comes to keys they support both let's encrypt for when you if you need to have a key signed they support less interrupt they support self-signed and these port your own and they have instructions on each for a company not just giving away the source code saying here is to take the time to build out these entire docker images with detailed instructions of how to set it up that is outstanding this is one of the reasons that I was really impressed like there they wouldn't the extra mile in my opinion to go through and do this to say hey some companies are open source and say you know their business models will sell access or whatever but when it comes to if you want to run this on your own well cool here's just a pile of source code they don't always take the time to build really solid detailed instructions on how to set it up how to update it and they kind of Inge almost encourage you for those of you that want a cell phone awesome away you go now a couple notes about the self hosting self signed key versus let's encrypt so awesome they have let's encrypt but if you do this and you set this up on your server whether it's a hosted in a cloud like digitalocean or if it's going to be on prem like we're doing within our own stack you do need to have your dns records and let's encrypt post it to get a signed search or by a sign search somewhere and install it and like I said they have into those instructions they're the reason you need that is if you want the command line app or you want the desktop app to work and you don't want that error to come when you go in the browser it needs to have that signed cert but those desktop apps don't have a bypass for unsigned certificates so an example is going to be and I'll pull this up for just so you guys understand so we're gonna go here and this works for any of them so we're gonna go and go to account and log out yes and then we're gonna go settings and you put in the server URL right here this works for the browser extension as well so we're gonna go ahead whoops probably don't didn't need to do that go here settings lock logout confirm you want to log out same thing up here there's where we can go and put in whatever it is HTTP and if you leave a blank it goes back to the bit worden vault but if that does not have a properly signed certificate it won't work it will work in the browser it will work with the browser extension it won't work with the command line app and it won't work with the desktop app and it won't work with the mobile app so if you choose to go a self-signed certificate when you're hosting this and you just don't want any exposure that is a limitation you will run into granted you could recompile these you could you know set the flag in there to allow a self-signed search or you can take a self-signed cert and added to your trust or of each device that's going to attach to it those are other options but I wanted to throw them out there and just mention that cuz that was something I thought was not really a terrible thing because obviously using self-signed search it's a good thing in some ways because if you had a signed certain all sudden it wasn't signed because maybe your server got hijacked or something like that and a cert change is probably good that it prompts you and doesn't just log right in the other side of that is I think you should be well as if you're advanced enough to understand how to set up a self-hosted docker image on a server that you should be able to say you know what I want absolutely no exposure I don't want anything but my own certificate that I generated inside of here and I don't feel like loading it in a trust or I should be able to you know log into it locally I don't know I'm probably being nitpicky about that but throwing it out there but my overall like said my feelings a bit weird and I really like it it's got a lot of features when you compare it to last pass it has brilliance I now have in here but more the way it handles organizations is a big plus I don't use this feature but maybe I should I haven't really played with it it does have a pen option which is kind of cool so instead of your typing your master password each time you can have a pin in the browser so you unlock the browser when you open it with the plug-in and then you only have to type in a shorter PIN number that way each time you want it to load a password you have to put a pin in that shorter versus typing your longer password when you want to have it more secure and locked but I'm absolutely I don't mind typing a longer password and my own habit is that even if I push my computer away I press the lock key to lock it out and frequently close thing that's just good security practice because then if I get up and walk away and I left my password manager login someone can obviously go in and start looking at passwords or something yeah maybe I'm getting a little overcautious but when you handle a lot of people's secure information I don't think you can be too cautious but my overall I love the product I'm happy with the self-hosted like I said to me self hosting it reduces the threat surface if you're not exposing it to the Internet if you are someone who's not sure how to update docker or you don't keep your server itself very secure because you're stopped familiar with those things my opinion is going to be if those are not things you're familiar with then you are making a less secure product you're probably best left to the folks at bit warden to keep the product up-to-date if you're experienced enough to start following these instructions set up the server hit everything set up properly you are doing better you can really reduce your threat service and have it completely lock down internally and do all kinds of restrictions on it that maybe you wouldn't be able to do there but so that when it comes to security it comes down to what are you comfortable with where is you know your efforts should be put it's not something I can easily answer for people people always ask me is the self hosted more secure and I have to say it depends because I've seen people's self host apps and make tragically bad mistakes and they don't know how they're doing it they actually create a bigger security hole for themselves especially with the risk of let's say you have a server that you don't keep very well it gets compromised it has some type of malware on there that then grabs your master password and lives there silently while they slowly creep through all of your passwords because you did not properly secure your server and they were able to start listening to all the traffic you manipulate your server so your skillet locking down a server is going to be very dependent whether or not you should be the self hosting of this or not and of course if your self hosting in you're not exposing it well then you've reduced the risks even if you're not good at it they still have to get inside network so that does create another barrier so look my overall thoughts on fit warden I'm really happy at the product if there's questions comments concerns great let me know I'm gonna have this linked over my forums it's a great place to ask questions or if there's you know troubleshooting and things like that I'm willing to help a little but they do have their own support and discourse forum so highly recommend if you have a lot of troubleshooting problems because I didn't have problems with it I thought it well the documentation was good and it just worked and I'm so impressed with it they have support forums that have discussion they have a subreddit where there seems to be a lot of people answering question as well so you go to the Rhenish slash our bit warden and have a discussion by the people in there - there's a lot of Q&A just read through so you know don't believe me look at other people's thoughts on the product and everything else and it's great so it gets a thumbs-up for me thanks and thank you for making it to the end of the video if you like this video please give it a thumbs up if you like to see more content from the channel hit the subscribe button and hit the bell icon if you like youtube to notify you when new videos come out if you'd like to hire us head over to lawrence systems comm fill out our contact page and let us know what we can help you with and what projects you like us to work together on if you want to carry on the discussion hetero to forum style or insistence calm or we can carry on the discussion about this video other videos or other tech topics in general even suggestions for new videos they're accepted right there on our forums which are free also if you like to help the channel on other ways head over to our affiliate page we have a lot of great tech offers for you and once again thanks for watching and see you next time

Info

Channel: Lawrence Systems

Views: 172,250

Rating: 4.9397321 out of 5

Keywords: lawrencesystems, bitwarden vs lastpass, bitwarden review, bitwarden tutorial, bitwarden self hosted

Id: 3Y8O0wyYsiQ

Channel Id: undefined

Length: 37min 7sec (2227 seconds)

Published: Fri Jan 24 2020