The paid features aren’t free if you self-host either. You still need a premium account to use premium features with a self-hosted Bitwarden, unless you modify the code and remove the licensing checks.
The major features are free if you use Vaultwarden though.
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
so no more authy? BITWARDEN HAS THAT BUILT IN??? thats AWESOME
So does keepass
It is a paid feature though if you don’t selfhost
Oh
But it’s cheap! $10 a YEAR when I last checked.
alr
The paid features aren’t free if you self-host either. You still need a premium account to use premium features with a self-hosted Bitwarden, unless you modify the code and remove the licensing checks.
The major features are free if you use Vaultwarden though.
Yep, and Vaultwarden too!
Though the most secure practice is to store them separately.
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
Yep, for only $10 per year. But just make sure to keep backups of your vault and/or make an emergency kit.