Looking for a password manager service


It would be nice to have a password management service for sysadmins and users. Here is what I explored so far:

Unfortunately there does not seem to be an obvious candidate.

I lean towards Passbolt because its primary problem is with onboarding new users, which is a one time issue that is not a blocker when this does not happen too frequently. The secondary problem is not having a mobile application which means copying user and passwords manually from the browser which is inconvenient if that happens too frequently.

The other candidate would be Bitwarden because it has all the desired features and mobile apps. But a self-hosted setup relies on a third party server which makes it vulnerable to all protocol changes. Should clients be released with a new, incompatible, protocol, the third party server may cease to work overnight. As soon as the users upgrade it will break. And it may be weeks if not months before the third party server can catch up. Although this did not happen yet, it could happen next week for all we know. I would not mind taking the risk for myself. But I would not advise an organization to do the same. Data would not be lost but users will have to migrate to another solution and that’s never a pleasant experience. And it can happen two month after the service is installed :scream_cat:

Someone told me onboarding (and maybe the usage) complexity of Passbolt is a blocker for them. And I realized there is one blocker when it comes to journalists. A majority of them use Apple products, therefore Safari. Since Passbolt requires a browser extension, not having a Safari extension is a blocker for them. In the context of Enough… this also is a blocker: it would not make sense to choose a service that won’t work for the majority of journalists.

That leaves us with Psono, assuming its limitations are acceptable.

IMHO the limitations are acceptable so… let’s give it a go