Bitwarden vs KeePass - What's the Best Password Manager?!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hello everybody and welcome to tech lore where we aim to spread privacy and security to the masses as security-minded individuals you've likely heard of something called a password manager if you haven't we have a wonderful lesson in our free go incognito course covering this to get you up to speed in a nutshell password managers enable you to fully own and control your passwords like you never have before allowing the ability to create strong unique passwords on every website which is in theory only accessible by you and you guys should all be doing this by the way it's really bad to reuse the same passwords the two password managers we frequently recommend to people are bitwarden and keypass two open source password managers that function a bit differently this video will discuss the differences between them give you pros and cons as well as a final recap to hopefully answer which is better for you as an individual bit warden is a password manager with a more traditional setup matching what other password managers like lastpass achieve it's cloud-based allowing you to easily log in from anywhere keepass is a password manager with a more unorthodox approach there is no official cross-community client it's by default not cloud-based keypass relies on a local database file no internet required which is just like any other file on your computer and as long as that file is with you any keepass client will be able to open it you can duplicate this file and now you have two versions of your password database or you can delete it and it's gone forever no one can open this file unless they know your master password so just obtaining the file doesn't really expose anything this was just a simple introduction to each password manager but each has many secrets and fun tips that don't make the comparison quite that simple [Music] right off the bat bit warden is convenient anyone can create an account log into their account on all of their devices then just call it good similarly any changes you make on one device like adding or removing a password from your vault bit warden syncs those changes to all other devices it is open source and the most of what you need is free though it does have some paywall features and functionality which is kind of expected for an entirely free service hosting data for you in the cloud though you can also self-host bit warden yourself if you choose to which is its own pro bit warden implements two-factor authentication open source clients strong encryption and some of the best security standards all of which has been audited and has a transparent bug bounty program to ensure they're staying ahead of the game aside from personal use it also has an emphasis on organizations and families which makes password management between several people an option with an ecosystem and an entity to back it all up if you have issues you have someone to contact and a service you're paying for dedicated to serving you which some may prefer bit warden is updated frequently to work with your devices to their best potential it supports the staples like autofilling browser extensions importing and exporting data from other password managers and other things you'd expect to find in a password manager in each of their clients lastly for open source android users bitwarden is on f droid i feel this deserves a shout out so good job um that's awesome for cons bit warden does involve some trust if you use it as is out of the box despite them implementing fantastic security and in theory even the breach wouldn't expose your passwords your data being stored on someone else's computer aka the cloud is still less secure than not storing your data on someone else's computer obviously most password managers that are cloud-based suffer the same issue and bit warden is not unique but they still take some of the best precautions to make this not a huge concern as discussed in the pros the paywall system this is probably fine for most people using the free version as it still allows unlimited passwords with no major functionality removed however this will still turn some people away just like some may prefer a central entity and a system to help them manage things others may find this to be a con as stated earlier you can self-host though this will require some knowledge and time on your end which also helps cancel out the convenience factor of the service so it kind of goes both ways since bit warden has a reliance on its own first party clients across devices if they implement something wrong maybe a new ui new features or remove features you're kind of stuck with that at least officially speaking so you do have to trust bitword in here in the long run which there's not much reason not to just be aware there is a degree of trust in not only the privacy and security but also the direction they had in the future keepass the first and most notable pro of it is by default everything is offline and controlled by you you own your database it doesn't live online anywhere and you have the full control to do what you want with the file you can keep it on a flash drive store it on one machine move it in a veracrypt container or you could upload this to the cloud and sync it across your devices and it's going to sync your passwords just like other password managers we actually have a guide showing how to do that similar to bit warden you're getting top-notch security with keepass with open source standards audits even recommendations from pretty noteworthy people and support for something called a key file which is essentially two-factor authentication on a file basis some clients also support yubikey and other forms of 2fa keepass is extremely powerful if it doesn't do something out of the box there's likely either a client or plugin that makes it possible if there isn't it's very likely you could probably create something yourself if you really wanted to we made a keepass guide diving into several fun configurations and use cases and of course people still left some new unique ideas in the comments it really is limitless what can be accomplished similarly there are a number of options for clients on each device each with pros and cons for example keepassxc is a more modern and updated client with some different functionality than the official keypass client over on android keepassdx is from f droid though pass to android is on the play store and has better built-in support for database cloud syncing with services like google drive and dropbox because of these options and clients there's no central point of failure in keepass both in pricing security as well as functionality if your favorite client stops working or implements something that you don't like there's likely a different client you can switch to in minutes and it'll read the same database exactly the same as the last one to begin cons keepass is going to be more inconvenient if you want cross-device support with real-time updates your options are one manually sync the database yourself every time a change happens which is inconvenient and oftentimes leads to data loss if you forget something two by accessing your passwords from a single centralized database like maybe only having your database live on a flash drive which has to be plugged into every device to access passwords or three connecting the database to the cloud and three is obviously the most convenient yet it's still much less convenient than a service like bit warden if you're going the cloud route the next issue with keepass is it has a learning curve i'm not going to say it's hard to use because it's not it's just very new to people because we are used to accounts and keepass has a different process altogether i'd really recommend giving your keepass guide a shot since it does a good job of explaining how exactly he pass works which should hopefully help you get started keepass isn't an entity it's a project so if you're an organization or someone who feels more comfortable with a company backing their product you will not find any of this with keepass if an issue comes up you'll be on your own or you'll have to ask the community for help some people find this to be a pro but for some it will be a con the final con to key pass and it's very much a 2020 issue which may improve over time but i gotta say it ios support just plain sucks i'm sorry i spent so much time digging through different free key pass clients and they all sucked i eventually settled on strongbox which is my personal favorite keepass client i have ever used on any device i absolutely love it um keypassium seems okay as well but again you gotta pay that summarizes the main pros and cons to bit warden and keepass as for which one is for you that's entirely your decision and depends on your needs my first question would be what's your threat model if you absolutely cannot store any kind of database or password in the cloud you're kind of limited to offline keepass if you're comfortable with the cloud but not by trusting a central entity you can self-host either and with keepass you have a more controlled yet convenient option of using something like dropbox or nextcloud to sync across devices though that's not quite a perfect solution if you are 100 comfortable with the cloud assuming it's a trusted provider bit warden kind of wins here offering a much more traditional familiar and convenient experience to the user and because of that if you're moving your friends or family over to password manager keep it simple guys because you're a good friend who cares about the privacy and security but also their lives just move them to bit word and not keep ass unless they specifically need keepass for a specific reason and they're okay with his limitations on the contrary though if you're a person who doesn't want to trust a central entity and would prefer a diy setup keepass will be your best friend it's not hard to set up it's just different and new so to recap you can't really go wrong with either option i wouldn't overthink it as either of them are much better than options like lastpass and you should really question anyone claiming lastpass is more private and secure than these options just saying a final note it's extremely easy to switch between both options so you can test out both and see which you prefer that's going to wrap up our comparison between bit warden and keepass which is your favorite and why is it your favorite leave it below in the comments also we really appreciate if you would leave a like below uh subscribe to catch our future privacy security content we're always posting more of it and thank you to our patrons and supporters helping us do this for a living so we can keep making content for everybody you're awesome thanks for watching everyone and see you next time [Music]

Info

Channel: Techlore

Views: 61,059

Rating: undefined out of 5

Keywords: bitwarden, keepass, techlore, review, versus, comparison, switched to linux, the hated one, cyber security course, password manager, password managers, best password manager, free password manager, best password manager 2020, best free password manager, best password manager for mac, keepass password manager, password manager app, keepass tutorial, keepass review, password security, bitwarden password manager, go incognito, tor, VPN, proxy, Linux, windows, iOS, android, Fdroid, lastpass

Id: R6b1WasXxBs

Channel Id: undefined

Length: 10min 18sec (618 seconds)

Published: Wed Sep 16 2020