Switching from LastPass to 1Password - wdyt?

I think that using a self-hosted solution is better because we control all this data, but we have to sort out a safe backup policy for this data.
Regarding the users putting their personal data inside this vault, they should be advised not to do it, and use it only for Status-related passwords, because it would be like storing your personal items in someone else’s vault.

1 Like

I currently use both 1Password and LastPass and do have a mix of Personal and Status on LastPass. I don’t mind putting in some effort to clean up and use Bitwarden only for Status accounts.

Here’s how I’d likely use it:

  • Maintain 1Password and export all Personal accounts there and all Status accounts to Bitwarden.
  • The bulk of Status accounts, the ones I already have, will live there.
  • If I’m setting up a new account (e.g. for a new tool) 2 min before UX testing as a last resort when all infra is failing me and I have 10 other things on my mind… I will probably go for 1Password
  • New accounts might grow like this on 1Password and I’ll move these to Bitwarden manually, potentially 6 months later.
  • I’ll likely also use a 1Password generated secret to get into Bitwarden so I only have to worry about losing 1 Master password.

@petty I’ll totally leave it up to you to judge whether this sounds acceptable. It’s my most realistic imagination of how I’d use Bitwarden in practice.

Another perspective: I have no clue how much of an investment this is for you @petty and @jakubgs, I’d say we’re looking for a proven secure solution that enables our work. If either option leaves any time to spare to speed up product development, while using a proven secure solution, I’d opt for that one.

The goal of the original idea in Bitwarden was exactly for this.

Optimally, you’d switch everything to Bitwarden, as it’s free for personal use but being part of the Status org gives premium services across the board while you’re a part of it. This would allow you to have everything in the same UI, but organization secrets stay in the org “collections” which you could add to and we could manage appropriately.

Transferring from a password manager to Bitwarden is quite easy as they import all common app export formats. Setting up collections within a given “group” is pretty easy from there to share with whoever is doing things with you.

My main concern with the self-hosted solution is that all of the previously mentioned ease of use goes out the window. A self-hosted solution is the same as using a completely different password manager, but actually a bit more obtuse if you happen to also use Bitwarden as you have to change the endpoint back and forth when switching