The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
The paid features aren’t free if you self-host either. You still need a premium account to use premium features with a self-hosted Bitwarden, unless you modify the code and remove the licensing checks.
The major features are free if you use Vaultwarden though.
so no more authy? BITWARDEN HAS THAT BUILT IN??? thats AWESOME
Yep, and Vaultwarden too!
Though the most secure practice is to store them separately.
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
So does keepass
It is a paid feature though if you don’t selfhost
The paid features aren’t free if you self-host either. You still need a premium account to use premium features with a self-hosted Bitwarden, unless you modify the code and remove the licensing checks.
The major features are free if you use Vaultwarden though.
Oh
But it’s cheap! $10 a YEAR when I last checked.
alr
Yep, for only $10 per year. But just make sure to keep backups of your vault and/or make an emergency kit.