The paid features aren’t free if you self-host either. You still need a premium account to use premium features with a self-hosted Bitwarden, unless you modify the code and remove the licensing checks.
The major features are free if you use Vaultwarden though.
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
so no more authy? BITWARDEN HAS THAT BUILT IN??? thats AWESOME
So does keepass
It is a paid feature though if you don’t selfhost
The paid features aren’t free if you self-host either. You still need a premium account to use premium features with a self-hosted Bitwarden, unless you modify the code and remove the licensing checks.
The major features are free if you use Vaultwarden though.
Oh
But it’s cheap! $10 a YEAR when I last checked.
alr
Yep, and Vaultwarden too!
Though the most secure practice is to store them separately.
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
Yep, for only $10 per year. But just make sure to keep backups of your vault and/or make an emergency kit.