I have some passwords saved in Google Passwords and some in Apple Passwords. Now I want to unify them without creating duplicates in something like Bitwarden. How do I do that? I haven’t seen a tool to do that in Bitwarden or anywhere else.

How do I get my passkeys out of Bitwarden to 1Password? I tried that direct transfer from the apps and it said my vault was too big. Creating a text or json file does not include passkeys? Is there going to be a universal way to export import passkeys?

Hey everyone,

I’m curious about real-world experiences, not just feature lists.

Has anyone here actually had their phone stolen or pickpocketed while it was unlocked (or quickly accessed)?

I’ve been reading a lot about password managers like 1Password, Bitwarden, and Proton Pass, and on paper they all claim strong security (biometrics, auto-lock, session revocation, etc.).

But I’m wondering what actually happens in real life when things go wrong.

My main question:

If your phone gets stolen, which password manager actually helped protect your passwords in practice?

• Did remote logout/deauthorization actually work fast enough?
• Was anything exposed if the phone was already unlocked?
• Did you manage to stop access before damage was done?
• Or did it basically not matter once the phone was in someone else’s hands?

Thank you.

Im looking for the ultimate password manager. I currently have Bitwarden and Proton Pass. I recently came across Password Anchor and someone mentioned 1password. Im getting confused with all this info im reading about. Im 73 and not real tech savvy. I like proton pass and bit warden. But now I read that password anchor is strictly stored on your phone, no cloud involved. Can someone help me figure out this old man's dilemma? Should I try out password anchor or just stick with proton and bitwarden?

Im looking for the ultimate password manager. I currently have Bitwarden ans Proton Pass. I recently came across Password Anchor and someone mentioned 1password. Im getting confused with all this info im reading about. Im 73 and not real tech savvy. I like proton pass and bit warden. But now I read that password anchor is strictly stored on your phone, no cloud involved. Can someone help me figure out this old man's dilemma? Should I try out password anchor or just stick with proton and bitwarden?

Seeing a lot of posts about how the founder had to step down as CEO and that Michael Sullivan is now the CEO who has a background heavy in mergers/acquisitions and working with private equity firms (e.g., prior roles at Acquia and Insightsoftware).

I am ignorant on topics like this, especially given that it’s open source, perform audits, and such. I have been a long time user of Bitwarden, so as a consumer and user. Should I honestly be worried? Or is this just a thing of people freaking out about a change and they bombard with posts cause they are upset and feel like they want to vent?

I also ask this cause when I help out with some coworkers (I work in healthcare) in helping out their cyber security (especially since some travel), I always recommend Bitwarden.

With the recent management changes at Bit warden which password manager do you plan to move to?

So I finally got around to moving everything out of Chrome's built in password saving and into a proper manager. Spent the last few days reading threads here and honestly came out more confused than when I started.

Main thing I care about is privacy, I don't want whatever company running this to have any real access to my stuff. Secondary is aliases, I've been meaning to properly set those up for ages. Anyone been through this recently and have a clear head on what actually matters vs what's just marketing?

after last statements of bitwarden im thinking to leave them and i got 3 choises so far

keePassXC , 1password , robo form

i need them on mac , linux , pc and ios

which one and why ?

thanks

From their site some stuff have changed, and internet archive testify it. They removed "Always Free", and changed GRIT from "Gratitude, Responsibility, Inclusion, Transparency" to "Gratitude, Responsibility, Innovation, Trust".

Also I discovered that the people that were CEO and CFO from 2019, changed without any public announcement. What do you guys think about it? Tbh it's a little bit concerning, I understand they have 10 millions users but...

Bitwarden vs AliasVault. We’ve (probably) seen the recent news regarding private equity. What is the verdict on AliasVault? Is anyone using this alternative? Does it have any issue or nasty lock-in? (What happens to aliases if the project goes bust?)

I’ve been auditing my security setup and decided to properly migrate away from storing TOTP codes in my password manager (Keeper). Having credentials and OTP in the same vault defeats the point of MFA, so I’ve built a tiered migration plan across ~230 accounts.

Hardware - each key held in a separate location setup and rotated around when required to add keys to see ices.
•2x YubiKey 5 (black) — FIDO2 + TOTP (32 slots each)
•1x YubiKey Security Key (blue) — FIDO2 only, no TOTP

The tiers
Tier 1 — Passkey/FIDO2 (unlimited, all 3 keys)
Any service supporting FIDO2 or passkeys gets all 3 keys registered. No slot cost, phishing-resistant, domain-bound. ~35 services including Microsoft, Google, Apple, Amazon, PayPal, eBay, Adobe, Atlassian, Xero, GOV.UK.

Tier 2 — YubiKey TOTP (32 slots, black keys only)
Highest value TOTP-only accounts. Banking, NS&I, mobile carriers, energy, hosting/infrastructure, HR systems. Slots ranked Critical→Low so the least critical can be evicted to Tier 3 if a higher value service needs a slot.

Tier 3 — Authenticator app
Lower value TOTP accounts. OTP still separated from Keeper, just not hardware-backed.

Tier 4 — Password only
No MFA available. Strong unique password in Keeper.

The sliding scale logic
32 slots is a hard ceiling. If a new high-value TOTP service appears, the lowest Tier 2 entry gets evicted to Tier 3.

If any Tier 2 service adds passkey support, it gets promoted to Tier 1 and frees a slot — pulling the top Tier 3 entry up.

Questions for the community

1. Any services I might have missed that support passkeys that aren’t obvious? I need to cross reference more on 2fa.directory to be sure.
2. Is there a better approach to the 32-slot ceiling than the sliding scale eviction model?

Comments welcome!

A serious problem with Bitwarden is that it is inconsistent in accepting and recording passkeys; in contrast, ProtonPass stores them Quickly.

is it even possible to go through all your old accounts in this day in age without having backup emails? over the last 10 years I've had multiple iclouds, gmails, Apple IDs, instagrams, snapchats, tiktoks, email accounts, etc. instead of organising or deleting stuff I would get overstimulated and make new accounts. the thing is I also had to make new emails for these accounts which I never used again. its been weighing on my mind for some time now so I tried to go on my old phone a few months ago and it wouldn't let me go on unless I put it through iTunes. I've had so many google photos accounts like I just have so many memories which I can't access and maybe never will be able to because I was so stupid. I am always so envious of everyone who can go through their iCloud and find photos, data etc from 10 years ago like mine is 2 years max. anyways does anyone know a good structure I could try approaching this. it is a really really daunting task but if I don't do it soon I never will and those memories will just be in the abyss.

I used to use the same password for most of my accounts. Just set up Bitwarden this week and realized how many accounts I had forgotten about. What password management are you using? Or still prefer to write down the password on an actual notebook?