I’ve been using Dashlane for years, it’s the best password management software I ever used, even when I made the decision that migrating all my passwords to Bitwarden, I still believe no other password management software can compete with Dashlane. So why did I abandon Dashlane anyway and embrace an ugly, incomplete, open-source password management Bitwarden?
pros and cons
|Cross-platform support||All platforms||All platforms|
Dashlane gives me the best experience of managing thousands of passwords. I used lasspass and 1Password before. All of them just lack the smooth and convenient autofill functionality. When you click on a form, Dashlane will pop up a complete list of credentials. This functionality does not only work on password forms but also work on payment forms, personal information, and it can even autofill 2FA!
Why did I switch?
For so many years, I put down all my personal data, events notice, backup notes, bank accounts, and credit card information in Dashlane. I would have been still using Dashlane if it chooses not to deprecate the desktop version.
To maintain the secure state of my passwords in Dashlane, I created a robust master password. I cannot memorize the whole master password because it’s too long and very complicated, so I kept it in my Yubikey. Every time I just need a slight touch and my Yubikey will fill it out for me. Also, I can enable Windows Hello as my alternative login method instead of the complicated master password. But all of them disappeared after Dashlane abandoned the desktop version. Now I have to check out my master password every time after booting my computer (I only need to type 4 digit PIN when I can utilize Windows Hello on desktop version)
To be honest, Dashlane is definitely going on downhill. It used to be the best one among other password management software. It’s the first one that invents the popup menu for autofill, it’s the first one that created the floating bulb on Android so we don’t need to switch between Dashlane and the app we were using. It used to be so creative, but now everyone else is catching up while Dashlane starts panicking.
The $50 annual subscription fee is not very expensive comparing to it’s importance in my life. The problem is that Dashlane is becoming a tyrant. It totally ignores customers’ suggestions and do what they think is right.
Secure Setup of Bitwarden
Let’s switch to Bitwarden!
The original Bitwarden limits free users from accessing serval “premium” features such as 2FA and TOTP, even you setup a self-hosting server. I don’t really get the point since Bitwarden was already open source. I choose Bitwarden_rs which is a Rust version of a full-feature Bitwarden server. A funny part is that some fundamental libraries on Rust seem do not support TLS and thus we have to use a reverse proxy to safely handle all HTTPS requests.
I build my own Bitwarden server on a home server. To prevent potential harmful attacks and scanning, I made my IP address hide behind Cloudflare with full strict end-to-end encryption, and only allows Cloudflare’s IP pools to send requests to my server.