I did not like the way they handled the switch to subscription models for existing users either. I ended up using it for a while, then switched to Proton Pass, still with a subscription, in a bundle with all the other Proton products (VPN, mail, alias email addresses, etc.).

Regarding point 2, it is not exactly true. 1Password (or any other serious provider that stores the vault in the cloud) has an encrypted version of your vault. This is what they are able to provide to the authorities, but decrypting that is close to being impossible today, if your encryption key is something more complicated than “password12345”!

Each tool has its own strategy to encrypt the data: it can be with a random secret key stored on your devices and protected by biometrics or a password, it can be directly a password, a combination, or something else. But in general the provider is not able (or should not be able) to access your data, even if it is stored in their cloud servers.

For 1Password, details can be found here: https://support.1password.com/1password-security/

For Proton Pass, details can be found here: https://proton.me/blog/proton-pass-security-model

This, combined with independent code audits, as both 1Password and Proton Pass, which is even open source, do, should guarantee that your data is safe.

I think the vault is encrypted even if they hand it over. Of course I do not trust them, but it's what they say. I'd rather trust Bitwarden, which is FOSS.

The issue I bring up with #2 isn't that they can get into your vault, but the fact that they would have your vault to begin with. The protection should be with not having access to your data, but instead it should be with having your data. Your data isn't just what is in the vault, but is the vault itself. That is the problem.

That's the problem: if I lose access to both computer and phone at the same time during a fire or some other major disaster, I am screwed.

This is where you need to back up your computer, and have that backup in multiple locations. For example: I am using Enpass on my Mac, iPhone, and PC. The Mac is the primary location of the vault, so the rest sync either over the network or over WiFi (it is the same method if it is over Ethernet or WiFi). However, I will back up my Mac to multiple external disks via Time Machine, plus back up my vault to my NAS (Synology), and then back up my NAS to multiple external disks. One set of drives stays on site with me, while the others are stored offsite. So if my house gets cratered or I lose my PC, Mac, and NAS and local disks (extremely low probability of that, but let's roll with it), I can still get to my disks offsite, restore my NAS, restore my Mac (from the TM backup, which puts Enpass and my vault back on my Mac), reinstall Enpass on my PC, restore the backup of the vault from my NAS, sync with my Mac again, and I'm back in business.

The biggest thing with this is you should never go without having backups for your data, and that you are never safer in the validity of your backups than your latest restore.

BL.
 
Is anyone aware if support for multiple accounts in the Bitwarden extension for Safari is expected to be released soon?

Managing multiple accounts on Bitwarden is horrific. They made it this way on purpose to benefit from having an "enterprise" solution. I must say, multiple accounts on something like 1Password is a much more pleasant experience.

Attaching and detaching disks is very annoying especially. In an ideal case, you would have something like Backblaze that with 1 click would back up to multiple sites; the problem is privacy. Can't trust the backup software nor the storage.
 
I'm still undecided between Bitwarden and EnPass. While I prefer EnPass, I'm concerned about losing access to all my devices due to a fire or other unforeseen circumstances. With Bitwarden, I've configured two-factor authentication (2FA) using both YubiKeys and email. Even if I lose my YubiKeys, I can still access my Bitwarden vault via email as 2FA. However, I'm not sure how to handle disaster recovery with EnPass. If I sync my vault with iCloud, Nextcloud, Dropbox, or any other option, and I lose access to my devices, I'll lose access to EnPass as well. Consequently, I won't be able to access iCloud or any other services, and I won't be able to recover access to my EnPass vault. EnPass users, I'm curious to know your disaster recovery strategy.
 
I have both and use both equally.

I don’t know what you use Enpass on apart from iPhone?

I have it on my Mac for WiFi sync and it is the main one that gets updated. I also have it on iPhone and iPad that sync to the Mac manually whenever I update or add a new password. So basically I have 3 devices and if one gets lost (hopefully never!) or damaged/stolen (hopefully never too!) I've still got the others for accessing passwords.
 

Enpass does support every Cloud solution you have. For example, here is how to set up a vault and sync to it in Nextcloud:


This works for any other SaaS that uses WebDAV, so you're good to go there.

This is in addition to those offered over WiFi Sync:


So EnPass does everything that you are looking for, in addition to being able to store your vaults locally, like what 1Password used to do.

BL.
 
I think I'll just stick with Bitwarden for now. It just feels easier to access in case I lose access to all my devices in a major incident, since I have email configured as one of the 2FA methods, and I can access my email with just my email address and password.
 

Also, consider this: If you lost access to all of your devices in a major incident, and you lost your devices, would you actually trust using a device that isn't yours to access the vault that is yours? I would be more worried about using such an untrusted device. You would have lost everything, so you are either buying a new device, or borrowing another device to access your sensitive data. Trustworthiness of the device you would use comes into play, and if risk assumptions of using such a device compared to the need of disaster recovery. Only you can answer that question, but the problem here is that if you lost all of your devices from such an incident, then you don't have the means to get to your vaults anyway; the need to assess the risks for using email to get to your vaults from a device that isn't yours and/or don't trust is something that needs to be taken into account.

After that, the biggest problem would be the single point of failure: the location of the incident where you lost your devices. That isn't a slight against you; no one realizes that the biggest single point of failure they have when it comes to sensitive information is the residence where they live. If that was lost, everything is gone. You'd have to piece together everything you need to recover, from everywhere that may have a piece of your life:

  • Need birth certificates? Have to get hold of the state office of Vital Records.
  • Need identification? Have to head to the DMV.
  • Need bank records? Have to head to the bank.
  • Need insurance info? Have to call the provider.

My point here is that it will help to keep some vital records off site so they aren't affected should such an incident occur, as long as the place you can store them is absolutely secure. For example, in addition to having backups at home, I also keep backups of my NAS, Mac, and password vault at our storage unit, and bring them out every so often to update the backups, then put them back into storage. That Mac backup holds my iPhone/iPad backups, so I'm good. I also make sure to not keep as many physical documents here as well, for that same contingency. It may be a stretch, but I keep a lot of my insurance paperwork, vital records, etc., at my mother's place... 4 states away. Yes, it's a 3-day drive or a 3-hour flight to get to it, but as they are in a different geographical location, more chances than not that those will be safe from the place that the disaster occurred, which is the entire point. Cloud/SaaS solutions are great for that, as they can cover for that, but I've already mentioned the political issues with that, so six in one hand = half dozen in the other.

BL.
 