I currently use keePass, and use it on both my PC and my phone. I like it because I can keep a copy of my DB on my phone and export it through a few different means. But I can’t seem to find an option to actually sync my local DB against a remote one. I’ve thought about switching to BitWarden but from what I can see it uses a single DB with multiple connections. Is there a password manager that allows
ultiple databases (one PC one Phone) with easy syncing between them - specifically from my phone? Or a way to setup keePass to allow syncing with a machine on my home network?
I don’t quite understand, is this just the backup file or the file being used? I’d be worried about conflicts if some transfer doesn’t work perfectly, since then it might all break
I also use keepassxc with syncthing. It works great and syncthing allows me to sync any other files I want. Mines set to automatically sync my photos and documents as well as keepass.
I have too many photos to sync, but I have two different Document my own and family documents, so that I can share the family documents with my spouse.
In my case I’m storing the DB on my Google Drive for now, but Keepass2Android supports many different systems, including “generic” things like WebDAV, so really anything should work.
While Keepass2Android is integrated with the syncing and will always check for conflicts (i.e. check for latest version before saving), the same isn’t necessarily true for the desktop client. But since I rarely edit from both devices at the same time, anything that syncs to the Desktop in a somewhat realtime fashion should work just fine.
And for the few (long ago) cases where updates were overwritten, the “previous version” feature of Google Drive was god-sent! (And KeepassX can simply merge the old overwritten version into the current one and you’ll get the correct merge).
If the files to be synchronized are accessible via a protocol that KeePass supports by default (e.g. files on a local hard disk or a network share, FTP, HTTP, HTTPS, WebDAV, …, see the page ‘Loading/Saving From/To URL’ for details), then no plugins/extensions are required.
If one of the files to be synchronized should be accessed via SCP, SFTP or FTPS, you need the IOProtocolExt plugin, which adds support for these protocols to KeePass.
If one of the files to be synchronized is stored in a cloud storage: for most cloud storages, there is an integration with the local file system available (i.e. you can access your stored files using Windows Explorer). For example, Dropbox, Microsoft OneDrive and Google Drive provide such an integration. If such an integration is available, it is recommended that you access your database file this way; this often works better than accessing it via a protocol like FTP or WebDAV. If no such integration is available and your cloud storage also is not accessible via a standard protocol, a specialized KeePass plugin for this cloud storage might be available.
How does that work when your vaultwarden instance goes down for some reason? Lose access to passwords? Or does the browser extension still have access to a cached copy of the db?
If you sync between 2 things, one of those things has to act as the server component, which holds the database, with other things syncing to that database. Otherwise who connects to who?
If you want separate databases, that implies multiple instances, which is something different.
KeePass will sync multiple databases by keeping the most recent change in any differences between them. It’s very convenient when you’re making changes to the list on separate devices, but having two copies of the database helps have a redundancy in case of a device failure.
Keepass2Android implements syncing in a way that actually works. I sync through my nextcloud instance. On my laptop it’s just KeepassXC and the nextcloud desktop app, on my mobile (android) devices Keepass2Android. On iOS I think there was Strongbox but I haven’t used it in a long time.
I tried using KeepassDX with the nextcloud android app for syncing for a while, but it lead to regular silent sync conflicts including password losses.
Keepass2Android handles that pretty well. It checks for external changes to the remote database before every local edit. And the desktop nextcloud app notices conflicts as well and can create a second version of the file if there are conflicts. You can then check for the differences with something like keepass-diff. But that should only happen if you change your db without syncing first, so while you are offline or the nextcloud app wasn’t running.
This is the setup I have (Nextcloud, Keepass Desktop, Keepass2android+webdav) and k2a handles file discrepancies very well. I always pick “merge” when it is informing me of a conflict on save. Have been using it like that for years without a problem.
Edit: added benefit, I have the Keepass extension installed in my Nextcloud, so as long as I can gain access to it, I have access to my passwords, no devices needed.
If you’re up for pgp and git, gnu password store is a killer app. There are a few guis, including Android and iOS, and if you use gopass there’s a nice plugin for browsers as well. And it’s ultimately just two tools that are both solid and generally well known.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
selfh.st Newsletter and index of selfhosted software and apps
I sync Enpass between iPhone and Linux with Mobius Sync (Syncthing for iPhone)
I don’t quite understand, is this just the backup file or the file being used? I’d be worried about conflicts if some transfer doesn’t work perfectly, since then it might all break
Bitwarden does use a local database and syncs. When you authenticate it unlocks the local database and does regular syncing behind the scenes.
I do recommend self-hosting vaultwarden for the primary server though.
Just add in syncthing in your stack and you will get keepass with the benefit of syncing directly between devices in a p2p matter.
I have been using this combo for almost 2 years now and it’s better if you ask me than using vaultwarden.
I’m syncing my KeePassXC db with Syncthing to about 6 devices, have been doing so for years. And a second db which we share at work.
I also use keepassxc with syncthing. It works great and syncthing allows me to sync any other files I want. Mines set to automatically sync my photos and documents as well as keepass.
I have too many photos to sync, but I have two different Document my own and family documents, so that I can share the family documents with my spouse.
I just use Keepass2Android. You can use any solution you’d like that is able to sync normal files and sync your database between your devices
Was about to post this, this works well for me.
In my case I’m storing the DB on my Google Drive for now, but Keepass2Android supports many different systems, including “generic” things like WebDAV, so really anything should work.
While Keepass2Android is integrated with the syncing and will always check for conflicts (i.e. check for latest version before saving), the same isn’t necessarily true for the desktop client. But since I rarely edit from both devices at the same time, anything that syncs to the Desktop in a somewhat realtime fashion should work just fine.
And for the few (long ago) cases where updates were overwritten, the “previous version” feature of Google Drive was god-sent! (And KeepassX can simply merge the old overwritten version into the current one and you’ll get the correct merge).
I use the default desktop KeePass client (no Xs or whatever) and it always synced correctly and picked up abd merged changes.
deleted by creator
You could just use syncthing to sync between devices. Works like a charm.
I’ll look into this, thanks!
Works great. Just remember syncing is not the same as a backup. Make sure you do backups!
This is the way to go, IMHO.
Syncthing was weird at first, but it’s super simple, it shouldn’t take too long to get used to it.
Keepass has a synchronization mechanism, maybe you can get it to work between your phone and your PC?
Why not self host vaultwarden? I was using keepas for all of the reasons OP mentioned, but my woes went away when I migrated over.
Clean export from keepas and import into vauktwarden. Plus with passkeys being deployed, is there a reason against it?
How does that work when your vaultwarden instance goes down for some reason? Lose access to passwords? Or does the browser extension still have access to a cached copy of the db?
Exactly… If you lose internet connection is just stays local until you reconnect.
Phone, browser, desktop…
That would be a single DB, no?
If you sync between 2 things, one of those things has to act as the server component, which holds the database, with other things syncing to that database. Otherwise who connects to who?
If you want separate databases, that implies multiple instances, which is something different.
peer to peer is an option too
KeePass will sync multiple databases by keeping the most recent change in any differences between them. It’s very convenient when you’re making changes to the list on separate devices, but having two copies of the database helps have a redundancy in case of a device failure.
Keepass2Android implements syncing in a way that actually works. I sync through my nextcloud instance. On my laptop it’s just KeepassXC and the nextcloud desktop app, on my mobile (android) devices Keepass2Android. On iOS I think there was Strongbox but I haven’t used it in a long time. I tried using KeepassDX with the nextcloud android app for syncing for a while, but it lead to regular silent sync conflicts including password losses.
The sync conflict / corruption is what worries me. Currently I just export a copy as a backup but it’s all done manually and not on a schedule.
Keepass2Android handles that pretty well. It checks for external changes to the remote database before every local edit. And the desktop nextcloud app notices conflicts as well and can create a second version of the file if there are conflicts. You can then check for the differences with something like keepass-diff. But that should only happen if you change your db without syncing first, so while you are offline or the nextcloud app wasn’t running.
This is the setup I have (Nextcloud, Keepass Desktop, Keepass2android+webdav) and k2a handles file discrepancies very well. I always pick “merge” when it is informing me of a conflict on save. Have been using it like that for years without a problem.
Edit: added benefit, I have the Keepass extension installed in my Nextcloud, so as long as I can gain access to it, I have access to my passwords, no devices needed.
If you’re up for pgp and git, gnu password store is a killer app. There are a few guis, including Android and iOS, and if you use gopass there’s a nice plugin for browsers as well. And it’s ultimately just two tools that are both solid and generally well known.
Another happy Vaultwarden user here
Bitwarden, keepass, pass