
> And it all syncs across your devices, for free?!

Really? My Linux devices? Android? Windows? I don't think so.

I recommend considering that one of the most important features of a password manager is that it doesn't force you to use a single manufacturer's products forever. Even if you swear undying fealty to Apple (or anyone else) today, you might change your mind in the future. 1Password, Bitwarden, and others allow me to switch PC manufacturer, phone manufacturer, browser, and so on.

I can't tell you how many people used to think "Internet Explorer is popular, it'll always be the one and only browser". That did not end well.




This. Wouldn’t matter if they had the best UX, and I have both an iPhone and a MacBook. First, I want to be able to use my Linux and Windows machines like they are first class citizens. But more importantly, if I lose my devices I don’t want to be locked out.

Apple is, to this day, largely unable to recognize that there is a world outside their beautiful dystopian garden. I’m sure they’re drooling about making the MacBooks run iOS so you can’t use any software that hasn’t been scanned and approved. When that day comes, I’m out for good.


This is as good a comment as any to hang my off-topic thoughts on...

I use Chrome's built-in password manager. I always set up website security questions with gibberish answers. I wish Chrome would give me a field to store those answers. Or, better yet, treat them like password fields and autofill them.


> Even if you swear undying fealty to Apple (or anyone else) today, you might change your mind in the future.

Changing my mind is easy enough: I can export my iCloud passwords to a csv file, and I've done this to transfer a bunch of passwords to Firefox Linux desktop.

I'll tell you something though: If Bitwarden leaked passwords nothing would happen because America has very weak consumer protections, but if Google or Apple leaked passwords, they'd be hit in every EU member state for GDPR.

Some of these things are outside of my control, and using a password manager is so useful that I think it's worth a little risk, but I can't justify trusting any company unless they've got some skin in the game, and Bitwarden specifically wants to disclaim all liabilities? AgileBits thankfully is in Canada and you can at least sue them for what you've paid them in six months, but I personally have passwords more important than that. Surely there's someone else you could recommend?


LastPass' entire business model was about protecting passwords, and passwords still got leaked. Most people want security, not "ability to sue" which is not at all the same thing.


I don't want something just because "most people" want that thing.

And I disagree: I think everyone who has been harmed by another wants the ability to have their story heard by a judge and jury and be cured by the law. Maybe they would prefer to not be hurt in the first place, but as you point out with LastPass, they may not have that option.

What we can choose is the jurisdiction in which we trade, and I would recommend people spend less time navel-gazing and more time thinking about what they can be doing to make things better for themselves.


Self-host vaultwarden at the cloud provider of your choice?


What is the point of this? Isn't it easier/simpler/better to just sync a file with the passwords rather than keep a server running?


How do you propose to sync a file without a server? What do you do about conflicts? Sure you can do this, but IMO the experience sucks in comparison.


I use Syncthing. I'm not yet sure how it handles conflicts, but I think it'll ask me?

Even if one needed a server for syncing files, should each application that needs synching require its own server?


Should they is arguable.

But I think in this case it's pretty much required for good UX with the way file syncing works on mobile and in the browser, especially dealing with conflicts. I've done it both ways and there is a lot less friction with vaultwarden than my old 'synced KeePass file' approach.

It was just a suggestion, there are other ways to skin the cat.



