C2 Password C2 Password vs Bitwarden (Vaultwarden)

Currently reading
C2 Password C2 Password vs Bitwarden (Vaultwarden)

I care more about ease of use. Nobody is going to hack my accounts, they would have to know my 70 emails first.
 
Last edited:
I care more about ease of use. Nobody is going to hack my accounts, they would have to know my 70 emails first.
That’s exactly the point… a malicious actor can hack synology service c2 and will know all your 70 email’s password. Same happened to Last Password. There’s no need to point to just your account…
 
Most any password manager is a simple affair to use. How is self hosting Bitwarden not that?

We use our NAS to self host photos, calendars, contacts, media... Why would passwords be more difficult? Good luck with your decision.
I used lastpass, 1password, and bittwarden, and now C2, and it’s far easier than the others. bit wardens shortcut did not work very well, I was forced to use the right click menu too often. also the lastpass data in encrypted, so they didn’t get any useful data.
 
bit wardens shortcut did not work very well, I was forced to use the right click menu too often.
This doesn’t make too much sense. If the login account was showing thru a right click menu it would have filled with ctrl+shift+L . The hardest part is getting the uri down, which again if it’s showing on a right click that’s more than half the battle.
 
also the lastpass data in encrypted, so they didn’t get any useful data.
That's a pretty generous interpretation of the reality, eg The LastPass disclosure of leaked password vaults is being torn apart by security experts

  • If one had an early account using 5000 iterations of the PBKDF2 algo they used, the encryption is weak and you're out of luck
  • If one used a weak master password, then same
  • One's email addresses & URLs stored with one's account & passwords were stored in plain text and have already been added to the repos of such being traded around the web.
  • The blob of data that was leaked is currently being subjected to brute force decryption attempts by ex crypto mining outfits with racks and racks of crypto ASICS / GPUs at their disposal. Yep, they're doing it right now.

Added to the repeated breaches reported for Lastpass over the years (iirc this was the 7th), I'd suggest that the above take is a little glib. At the very least, I'd recommend you change your critical account passwords asap, before the people with the GPUS get round to brute forcing your particular account in the blob.
 
Last edited:
Vaultwarden for me.

While the C2 offering appears to be fairly decent, I was a 1P user for just over a decade and recently switched away to Bitwarden. I have also always tried to stay away from anything being cloud hosted in general.

I cannot fault anything in the 1P product, it was fantastic and served me very well over the years. But the bigger they are, the bigger target they become and I would prefer to stay away.
 
ai only said f ed up with Lastpass in 2018, and deleted my account in 2020 So I doubt they got my data.
 
So I doubt they got my data
Be aware that what they actually got was a backup of user data from Lastpass, not the current "production" data. AFAIK Lastpass has not disclosed how far in time the backup data went.

I also deleted my account in 2020, but seeing the disclosure process I trust nothing Lastpass says or does not say. I do not assume that my data was NOT in the compromised backup, and I have changed all passwords I had in lastpass that were still valid.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top