Quick Summary: Self-taught Programmer with hands-on experience in Machine Learning. Trying to break into Product Management and would be interested in taking up Product responsibilities. While I may not have direct PM experience, I have worked extremely hard to develop Product skills at my current PM role which makes a strong potential hire.
Profile Details: As a self-taught programmer with a passion for crafting exceptional products, I bring a unique blend of Technical expertise and Product Management skills to the table. I recently graduated from PM School's Product Management Bootcamp, and have honed my skills in feature ideation, initiative analysis, and collaboration with core teams at Udacity. With hands-on experience in Machine Learning, I am eager to leverage my technical knowledge to drive Product Innovation and Success. My proven track record of Product Development and Strategic thinking make me an ideal candidate for any Product role.
Location: Bengaluru (Bangalore), India
Remote: Yes, preferred. (Willing to adjust my schedule to other timezones)
All the comments here are praising Bezos/Amazon as if they are some kind of Gods at innovation and yet Kindle has completely destroyed and crippled innovation in eBooks. They've so much potential but due to Amazon's monopoly, we're still stuck in the 90s when it comes to eBooks.
Signal won't be able to make even a dent in WhatsApp's empire.
WhatsApp isn't just a messaging app. With its stories and statuses, it's a mini social network in and of itself.
Beyond the HackerNews crowd, most people don't care about privacy. They care about features. Signal won't be able to compete with WhatsApp unless it builds some of those features into its app.
Edit - HackerNews crowd seems to get tunnel visioned when it comes to tech products. Every response below is something on the lines of "I don't use stories" or "None or my contacts use stories".
I don't use stories either. And most millenials don't use it unless they are extroverts. But we make a small percentage of their audience.
Take a look at boomer WhatsApp in India. Every single boomer shares stories with images of Gods or daily morning blessings, where they went, what they cooked etc. The network effects are too strong. Nobody wants to miss out on the stories of their grandchildren's birthday or their nephew's marriage.
Even I wish that there was an en-masse migration from WhatsApp to Signal. But that's just a HackerNews pipe dream. Not happening.
I've seen chat networks come and go. Whatsapp is at it's peak; it can only decline at this point. Most users don't actually care about features, they care about reaching each other. Whatsapp provides that. You could argue that whatsapp was never about the features. It's always been a somewhat bland and bare bones UX. It's simple and easy to understand. That kind of is the whole point.
But Whatsapp got where it is through 1 simple feature: it discovered other whatsapp users through your phone book so that made it easy to start using it. Install the app, and others would find you. That feature has since been copied by world + dog. Telegram, Signal, etc. do the same. Now that both are getting to the hundreds of millions of users (telegram got there ages ago), that safe moat that whatsapp enjoyed is not so safe anymore. I know non technical users that are very eager to escape Facebook's clutches that already deleted their facebook profiles and installed alternative chat clients. Moving over is easier than ever.
Anyway, I'm old enough to remember reluctantly joining the msn network because a lot of people I knew started using that. ICQ, AOL, MSN, Yahoo Messenger, etc. all used to be popular and now are pretty much gone. Whatsapp can easily join those ranks. There's nothing inevitable about its perpetual monopoly on communication. Nothing whatsoever.
If anything, Facebook seems in a hurry to blow its feet off with misguided/dubious decisions on privacy, user hostile actions, and increasing likelihood of having to deal with anti trust legislation in multiple of its markets. It's not helping their case. Every time they are in the news it seems to have a negative tone and some of their users act on it. Facebook is being arrogant.
Signal is a breath of fresh air in this space. Structured as a foundation, OSS client and server (unlike most other things out there). Apparently, Elon Musk recommending it the other day caused a nice influx of users.
Why should it be at its peak? Look at WeChat. If WhatsApp successfully transitions to a platform with payments, business interactions, possibly in-app-ecosystem, then the network effects become even crazier.
Signal on the other hand doesn't even attempt any of that: it solves messaging with no perspective on third-party service integration.
One of the biggest reasons I use and like Signal is because it doesn't have a bunch of extra stupid crap like payments, in-app ecosystem, business interactions and all the other junk pushed by corporations in a quest to "expand the userbase".
I just want a solid texting platform, that's it. So far I've been happy, even with a few unnecessary updates like stickers (?!) and disappearing messages (ugh).
I disagree, most people just want to be on the same network/platform as their contacts and most people don't care about extra bells and whistles but a small niche is out there that actually does.
Most people don't imagine they want those features until they see someone else in their social group using them – fancy status in the form of stories is a great example of this.
People have a strong desire to imitate and one-up others in their social group.
If you build a feature that even 1% of users self-start to use, then the social network can snow ball that with the right mechanics. And these feature need only be used by 20-30% of users for it to be considered a success. Every user is not expected to use all features.
My sense for WhatsApp's dominance is peripheral contacts. I can convince close friends and family to move to Signal, but not distant friends, especially the large groups I'm in.
I'm pretty bearish on Signal for this reason. (even though I use it personally)
The playbook for unlocking adoption would be via a 'minority rule' where Signal users refuse to talk to people on WA, but I don't see that happening anytime soon.
I actually did just that. Changed my status to “only reachable by signal app” also same message on my profile pic.
Just got around 5 people who talk to me on whatsapp already writing me on signal without problem. And funny thing 3/5 have also done same to their whatsapp now
I require none of those things for being able to chat with my sister, mother, or random friends. Facebook wanting a piece of the action that is skimming off transactions I conduct with shops or online is not something I need or want in my life. And make no mistake, that's the only reason they are eager to get into that business. They'll fail because they add no obvious value here.
Sometimes I think HN people were born out of thin air and don't have families. That or mine is special, because if I said to them to change from WhatsApp to whatever in the basis of privacy concerns they'd say that:
1. FB already knows everything about them (btw, a social network the still use)
2. They'd lost contact with a lot of people
And all this without taking into account features that can make the product even more pervasive (I'm thinking payments)
The problem is that once a product becomes the de facto solution and everyone is onboard, is hard to change it, specially one with network effects. If it wasn't we would be using e.g. other search engines, wouldn't be?
Finally, I'd say the announcement of this change is perfectly timed: just after Christmas and in the middle of a pandemic. By the time we meet again with our extended families and we do the de rigueur holidays' technical support this change will have been forgotten by most people ;)
I thought Facebook was too popular to ever fall down. And yet here we are, it's easier than ever to ignore it.
Also, installing an alternative doesn't make you lose contact with anyone. You can set up Signal and make yourself available there without removing Whatsapp.
Many people slowly stopped using Facebook without ever deleting it. Still has the same effect.
I'd say they're two really different products, so even if FB popularity is falling dow, that does not mean that WhatsApp would follow. In fact I'm pretty sure that thanks to services like money sending WhatsApp is poised to grow in quite a few countries.
Unfortunately I'm from Spain where WhatsApp penetration is around 90%, vs a ~65% in UK, so I still know plenty of people, specially family, without a Telegram account (I'd say almost no one over 50 has an account)
You reject WhatsApp and tell your family that they can write you on Signal, because it’s important that your communications are only for you, not for Zuckerberg
> Beyond the HackerNews crowd, most people don't care about privacy.
I really do not agree with this often-made assertion. The main difference between the HN crowd and the general public is that we are more likely to understand how, and how extensively, our privacy is being compromised. We are used to considering computer logs and monitoring as very real (because we work with them / create them); the general public not nearly so much.
To a point, I agree, but there are still a large number of people that understand how their privacy is being invaded, and simply don't give a shit.
Why? Some don't believe these invasions negatively impact them personally. But I think, largely, it's about misplaced (IMO) trust - they trust Facebook et al not to abuse their privacy or "do anything evil", and perhaps worse, they trust all organs of the government completely and totally. Any suggestion otherwise is waved away as "who cares?", or dismissed as a conspiracy theory (yes, even post-Snowden).
Large sections of the media are certainly part of the problem too (as we are seeing for so many things) - some serious, privacy-related stories are either not covered at all, or covered with pretty blatant, extreme bias.
Unfortunately this doesn't explain why my circle of colleagues, at a major tech company, also don't care actively about this stuff. My take: these privacy violations get accepted because there is immediate positive feedback, and the negative stuff is delayed, misattributed, or never felt at all.
And I'm not saying that all people who work with IT are going to be protective of their privacy. Just saying that they are more likely to have an informed understanding of the mechanics of computer monitoring/tracking from which to develop possible concerns.
Agreed, I see the topic come up more and more among friend groups with many of them not working tech. I’m starting to see topics on privacy pop up in mainstream media more too.
Due to the recent app bans and internet censorship measures, the knowledge of / willingness to use security and privacy apps among Indians went up. Similar to what happened in Venezuela with BTC.
Plus, covid forced everyone digital and I had many ask if Zoom was safe to install on their phones along with banking apps because China.
And a privacy service and app I built has highest number of users from India followed by Iran. In my interacting with them, it is clear government bans and privacy concerns due to BigTech were major drivers for them to seek such tools. These people are barely tech savvy right now, but that is going to change.
The thing is, as mobile phones and connectivity become more ubiquitous, people are only getting more familiar with tools they can use to make those devices / internet work for them. This trend, though small in absolute numbers, is only growing.
Signal will be become popular -- if it does -- just like how every other network based app became popular eg. MySpace, Facebook, Twitter, Whatsapp, Instagram, Snapchat. Examples from work... Zoom, Slack etc.
First it's used among a small group of people, has a "cool"ness factor and a USP. Then slowly spreads as other people want to be seen as ahead of the curve and want to be part of an exclusive group. So the Hacker News crowd using it is actually a good sign.
What we need additionally in this case more than the "WhatsApp but better" argument is continually making people aware of the incumbent's behavior, since WhatsApp is well entrenched, to cast doubts in people's minds.
SMS lost because it was costly and lacked features. What will make WhatsApp lose?
It would have to be something fundamental. Any new feature that gains significant popularity can easily be added to WhatsApp (e.g. stories); in addition to having network effects working in their favour.
For me, it’s the dilution of networks. WhatsApp has a purpose and it’s different from FB. Now I have my bike mechanic friending me on FB because I’m a contact on WA. I don’t want some smoosh of all my connections.
I think the key here is that the anti-backdoor argument is based on fundamental problems.
Whatsapp will be inclined to bow to one and then many governments and create backdoors and also wants access to content as part of its business model. They will eventually lose a lot of data that was supposed to be e2e encrypted, people will be upset, and FB's focus will be explaining how its not responsible for the damages.
I am using whatsapp since 2012 (or even earlier) if I remember correctly. I paid $2 a year for 5 years to use WhatsApp. The reason being I have friends and family all over the world including different parts of USA, canada, Dubai, Singapore, Australia, India, UK etc. Whatsapp was the best tool for communication. And as you suggest stories and statuses are a part of whatsapp, it's just a second thought at the best. Out of hundreds of my contacts, I can count people who post stories and statuses on one hand.
Those features are not standing in the way of user's migration to signal app as far as I can tell.
I've been using WhatsApp for a similar length of time, maybe since 2010 or so - I had no idea WhatsApp even had such features beyond messaging, file sharing and videos calls, and I've no idea what "stories" or "statuses" even are. All I want is those core features.
I sort of agree. I call my mom on Whatsapp and there is not way this can change. Both of us are going to use Whatsapp. This is just an anecdotal example of network effects.
But this is also not a winner take all market as I think of it. I am a heavy user of telegram and massive broadcasts happen on Telegram. College students, Twitter handles banned on Twitter etc. have switched to telegram. You subscribe to a channel of a banned user and there is nothing Telegram can do about it.
Signal is especially popular among my political activist friends and few other friends.
Kik remains popular for some narrow cases I will not mention here.
I don't. And most millenials don't use it unless they are extroverts. But we make a small percentage of their audience.
Take a look at boomer WhatsApp in India. Every single boomer shares stories with images of Gods or daily morning blessings, where they went, what they cooked etc.
In my contact circle many people have academic degrees or work in tech jobs and only about 1 out of 10 people would consider switching. I have asked, they just don't care to "have 5 different chat apps installed", when they can "just use WhatsApp".
> Beyond the HackerNews crowd, most people don't care about privacy.
I believe in this one you are mistaken.
Adblocking has gone from fringe to mainstream in just a few years. Tracker blocking and in general putting actual value on one's data is going through the same, only faster.
One piece of data: more than 80% of requests coming on our website disallow tracking. Respecting privacy as a concept has already gone mainstream, the only question is how far "normal" people are willing to take it and what tradeoffs they choose to make in the long run.
I would think that the main reason Adblock has become mainstream is because ads are extremely annoying and not because users are very concerned about tracking itself.
Whatsapp wasn’t always all those things on this first release.
It was the first Universal messaging app across multiple platforms. It worked on a lot of obscure mobile OS’ and devices that didn’t have something like BBM. The ability to connect was novel.
Today’s world is different, it might not be easy to build the next WhatsApp, but technologies are being adopted quicker than WhatsApp was.
If people can learn WhatsApp, and the first app they used a lot was WhatsApp, they will learn other things.
In the beginning I had no idea, why people used WhatsApp. Line hat so much more features in the early messenger days. To use Line for phone or video chat was years before WhatsApp possible. But Line was mostly just in asia a thing.
Something I've been trying to polish which seems worth saying in this context: Physical property is like control over address space. Copyright is like control over strings. Patents are like control over algorithms. But fixed-endpoint SaaSS… is like control over types.
>Signal won't be able to make even a dent in WhatsApp's empire.
Doesn't matter much to me. Getting my immediate family to switch and then having them encourage their contacts to adopt Signal (even if only as a secondary app) is a small victory in my mind.
It's only until the end of your post where you say "unless it builds some of those features into its app". That's kind of an important qualifier. Signal has been steadily growing for a while, and while doing so, implementing plenty of features from other competing apps: disappearing messages came, stickers came, group video calling came, etc.
I'm not saying they're definitely going to overtake WhatsApp, but they've found a niche, are slowly expanding from there, and are doing so by implementing desired features. That's how most social networks have gotten where they are. There's no reason why Signal's current feature set is forever set in stone.
Not a single one of my Signal contacts (almost exclusively non-tech) uses any of the features you mention. It's been awkward watching them blindly copy "popular" features from other messaging platforms. The reason I like and use Signal is precisely because of the minimal feature set - all I want to do is text people directly or in group chat. Some emoji and gif support is nice and that's about it.
I hope Signal stays true to its roots and doesn't give in to more bloated crap like the other messaging platforms but unfortunately I'm not optimistic in that front...
Here's a thing I don't understand - why is everyone obsessed with copycatting?
By aiming for feature parity you, as a business or service, are letting a competitor dictate your roadmap. And what's worse, with features they have already shipped.
As a general case, I think you make a good point. But in this particular case, WhatsApp really is pretty perfect as far as messaging goes - the only issue is the terms of service, so it makes sense for Signal to have the same features, but without horrible ToS.
That's a scary thought. You're effectively saying that small-screen, asynchronous, human-to-human text based communications have been solved, with no further improvement possible.
I think partially almost every business has their roadmap influenced by what their competitors do. Note that WhatsApp/Instagram/Facebook didn't come up with Stories either.
That said, it'll never be just feature parity - Signal's moat compared to Facebook products will always be better privacy.
I love Signal and want it to be "the winner" here... but I mostly agree with you, with one caveat.
The internet kind of functions differently in some parts of the world, and if you've spent time in those regions, you see it's pretty aligned with what you've described. Like, there is a reason that Facebook bought WhatsApp to begin with. Those "ecosystems" are incredibly valuable.
Now, the thing that makes me open to being wrong? The absolute horror of a reputation that Facebook has as of late. I think if this was the debate a few years ago, it'd be much harder for Signal to pull people away, but now...
I just got 3 of my groups migrated to Signal. I expect many more to be migrated by the end of the month. While many may still remain lots of people will be off WA by 8th Feb.
Suggested to move and within one hour my group of peers all moved. Didn't expect it be to smooth but they are happy to add emoticons to each message and won't go back. The feature of automatic message expiration and deletion gives more options for conversations which are more sensitive and requiring higher levels of privacy. The next hurdle is to realize your keyboard application can log all you have written, so no Swift (Microsoft) or Gboard (Google) on that surface of snooping around.
I feel like worrying about GBoard reading your keystrokes is a little unnecessaru. If Google wanted to spy on your private conversations, they can find a way, even if you use a different keyboard. They... built the OS itself. Whether they can keep their meddling secret is another matter.
Hardly agreed, they just don't care about their privacy.
Most of us is somewhat related to the software industry. We know what's the worst thing could happen when we don't care about privacy.
On the other hand, 90% of people be like "so what? should i throw my phone to the lake because they changed privacy policy?". I really like Signal, but yeah. WhatsApp at the another level that couldn't be changed in some privacy assaulting policy changes.
> Beyond the HackerNews crowd, most people don't care about privacy.
I think the ratio of people who are technically literate is growing. So even if true, its still important. Think of how many non-technical people are trying to push their kids towards coding, in part, due to the unavoidable evidence that techies are making more loot that lawyers and doctors. Its a top profession for middle class now.
Change happens on the margin. If success is defined by everyone moving on the same day, we’d still be using ICQ. This issue is an opportunity to make some people aware and maybe move a few networks to better solutions. So make a few changes, nudge a few groups, make people aware of the implications of their implicit decisions.
I don’t know about that. I’ve seen three local communities here migrate over in the last few days. The reason they did that was due to a couple of vocal members. That includes my wife’s company, the school parents group and the local cycling club all of whom are about as technically aware as a potato (I end up doing most of their out of band IT support)
I suspect it’s a little more complicated though. Some of the WhatsApp groups are quite fatiguing to belong to due to politics and quite frankly unbearable individuals and this allows people to have an excuse to exit them without having half of your contact list trying to get hold of you and drag you back in again.
As for features, absolutely no one I have seen locally here use anything other than basic use cases that signal supports.
Me, I just uninstalled it. I’m going to see if I need to replace it. It appears after all that everyone I need to talk to so far uses iMessage.
I have just migrated one non-IT group chat from FB. Everybody is happy so far. Actually all of them dispise Facebook and were more than happy to move to something else. Setup was easy.
This I certainly don't agree. Telegram would have been the most popular app in India if this was true. It is only recently that WA has come close and slightly more in some cases.
Of course it is. Using !g, Google knows that on one computer I use I have never agreed to the Google 'Before you continue'. Isn't agreeing to that, agreeing to be tracked?
More people need to realise this and be cautious of such fads. I got caught up into the whole touch-typing hype and continued typing in that awkward posture for 3 months straight more than 12 hours a day and didn't stop even when my hands, shoulders and neck started hurting due to the awkward posture that's caused by touch-typing.
I am in the worst pain of my life right now. Absolutely regret it. Sure the error rate is slightly higher and you type slower. Atleast you won't be f*cked with RSI.
I’m really confused by this whole thread and just want to clarify. “Touch typing” just means typing “correctly” right? As in with your fingers on the home row and reaching to type fluently?
Honest question, how is it that there’s debate about this and comments from people (on Hacker News in particular) about intentionally learning it recently? Maybe I just haven’t noticed, but I feel like everyone I know below a certain (not even very young) age knows how to touch type, even if they’re not particularly tech savvy.
Regarding this parent in particular, are you saying that hunting and pecking is better and typing from the home row is a fad?
> I’m really confused by this whole thread and just want to clarify. “Touch typing” just means typing “correctly” right? As in with your fingers on the home row and reaching to type fluently?
Yeah, "touch-typing" is incorrectly used to refer to home-row touch-typing by people who hadn't learned another style.
I use a totally different one, with my left hand resting on roughly shift-a-w-d and my right on j-i-o-; which requires little to no twisting to reach every key. I think I'm also more likely to lift my hands than home-row typists I've seen - those keys are just resting positions between typing bursts, not actually where I move my fingers back to while typing. The whole thing is based on the edges of the keyboard, rather than the nubs on the f and j keys.
I think there's a spectrum between grandma-style hunt and peck typing and perfect touchtyping, and I think many of us are somewhere in between. If you haven't specifically learned 10-finger touch typing, that's probably not what you're doing.
My typing certainly isn't Correct(TM), but some combination of muscle memory and bad habits formed over 30 years.
Yeah like what @encom mentioned below. I don't know about others but for me* it was a complete disaster. Your hands are always in one place.
The posture is very similar to the posture that is required when lifting a single dumbbell with both hands. Hands are side-by-side and your hands sort of form a triangle. This posture also causes shoulders to hunch forward to make up for the hands stuck close together.
Sure. It might work really well for everyone. Not for me. I am going back to normal typing once I heal. It wasn't really that bad. Just a few errors here and there and slightly slower typing.
There is touch typing and correct touch typing. "Home row" and friends is the latter. I'm typing pretty fast with all ten fingers in both German and Russian layouts, however, I've never became friends with classical touch typing. This circumstance make using split keyboards impossible for me, since I tend to cover more of the keyboard with my right hand than considered "correct".
I don't understand how touch-typing forces an awkward posture. I had a self-taught typing style for something like 10 years before switching to touch-typing about 4 years ago. I'm just as capable of slouching, leaning, raising, and lowering my posture like I did before. I started getting pain in my shoulders and neck but that was from pushing my hands together on a tiny keyboard. As soon as I switched to a split keyboard, all of that went away.
Just because someone says 'you will get RST when you do x' doesn't mean its true.
I'm touch typing now for over 18 years, quite fast, basically started with touch typing and i don't have issues.
There are plenty of alternative keyboards out there which will allow you to keep touch typing = fast and more ergonomic.
Alone the fact, that you need to look down to find your keys is weird to me. How do you correct your text while typing? Looking up and down all the time?
Personally I never have any issue with using keyboard. It's the excessive usage of mouse that is detrimental for my (right) hand (not just the wrist, the fingers hurt more from clicking and using scroll wheel too much.)
Since we do not make enough BH4 (tetrahydrobiopterin) with this enzyme deficiency we cannot metabolize the amino acids needed to make serotonin, dopamine, and Nirtic Oxide. And then some of these amino acids turn into trace amines that act like meth.
The deficiency causes problems with amino acid metabolism, which themselves mess up the brain.
The depression was a mere symptom of the underlying disease. When you read the DSM, you realize there are no mental illnesses, just syndromes: sets of signs and symptoms. Except in select few cases, the pathophysiology is unknown.
Protein is split into amino acids and then recombined into proteins inside body. The splitting process and recombination process need glucose in blood and, effectively, drain glucose from blood.
In my experience, some of the amino acid sport drinks can drain glucose from blood to the point where I had clear signs of very low glucose levels, including restlessness and shaking limbs.
The glucose level may affect mood and has other interesting effects.
If you look at what carbs, fats and proteins do with you mood, I think you will see that carbs make one relaxed (see relation between carbs and orexin), fats make one jolly (due to endocannabioids) and proteins make one awake (draining carbs from blood, mainly).
Bitwarden. Works well and the integration with 2FA/TOTP is amazing. I highly recommend to not rely on a single (mobile) device for 2FA. Loosing or breaking it might shut you out of certain accounts forever.
Same, used to be LastPass but the more I learned about them as an entity I realised that they were not what they once were and I switched to Bitwarden.
I also found this suited my devices and usage, Linux, Android, Mac, Windows... happy across the board.
Also... employers tend not to use Bitwarden, they pick 1Password or LastPass, so it means I can have both work and personal on my BYODs.
Yea, I used to keep my passwords and backup codes in two separate KeePass vaults. Now I use Bitwarden for passwords but still use KeePass for my backup codes.
I use the notes for each entry in Bitwarden to indicate what kind of 2FA I have enabled and whether I have a backup code already stored in the other vault.
I guess answers here will be skewed towards Bitwarden, because those who already use it will likely be more interested in this thread.
I also use it at my company, and personally with my wife. Also got my mum to use it!
At my company, we also use it for server secrets, using envwarden: a simple wrapper we created and open-sourced[0] for managing server secrets with Bitwarden.
Love this and currently testing it for deployment at my company. Thanks for making it, it feels 1000x more straightforward than Vault, etc.
I'd love to hear an official stance on it from Bitwarden to know their take and whether they're considering supporting this important use case in an official capacity (e.g., sponsoringor providing some kind of support for the project). Seems like it could be a big differentiator over other password managers.
BitWarden. Used to use 1Password, and while I don't mind paying for a service, especially a 'security' related one, I couldn't see the benefit over what I was getting with BitWarden.
I use Bitwarden_rs (https://github.com/dani-garcia/bitwarden_rs) and self-host it in a Docker container on my Synology NAS. I only allow access to it from my internal home network.
The nice thing about Bitwarden_rs is that you get features which you would have to pay for with normal Bitwarden. For example 2FA with U2F. As a note Bitwarden_rs is written in Rust.
That’s not what I would call the nice thing about bitwarden_rs. What I would call the nice thing is single-user total disk usage under 20MB and memory usage under 30MB, with totally negligible CPU usage. The official server requires SQL Server and quotes recommends 4GB of RAM and 25GB of disk space as a minimum, though I imagine the true minimum it could survive with would be a good deal less. (Still, I do appreciate being able to generate TOTP codes, which is paid functionality with the official server.)
While you can used the premium features without paying, I would strongly urge you to pay for a license anyway. It doesn't cost much and the Bitwarden folks are a small team doing a great product. I really like bitwarden_rs and wish the official server would adopt it or something similar. The official server is pretty darn heavy.
I also use Bitwarden_rs so I don’t have to host a MSSQL database, but it’s worth noting that the Bitwarden_rs server hasn’t been audited. It uses the same upstream clients (including web), but that doesn’t fully cover the implementation.
BitWarden. Switching our business from LastPass at the moment.
I found LastPass painful to use and sync between local vault and server side to be broken. No thought has been given to layout, commonly used options are buried and basic things like selecting the right credentials by subdomain do not work. Their recent UI refresh has simply made things slower rather like Google's admin UIs. They have rather annoyingly decided, against NCSC advice, that I need to see a reminder to pointlessly cycle my master password every time I log in.
The final straw was when they applied a large renewal charge without authorisation to a card they were not given permission to keep and then mishandled the resulting complaint in every way you could possibly imagine.
Bitwarden is cheaper and far more usable, I can't find any single thing that LastPass does better for twice the price.
Bitwarden. I used to use LastPass but I prefer Bitwarden because the clients are open-source (including optional self-hosting and a mobile app on F-Droid), the URL matching seems to be more flexible and intuitive to configure than I found on LastPass (more than just separate subdomains), and the syncing across devices and auto-fill using standard Android APIs works perfectly with the mobile app. I also pay the $10 USD/year for the premium plan mainly for native YubiKey 2FA without using TOTP codes.
I've considered using Pass or other open-source self-hosted/synced alternatives but I don't really want to fiddle with something like this quite yet because Bitwarden meets my needs perfectly.
Bitwarden, so does my (tech savvy but doesn't work in IT) wife. I'm using it in ipad OS, Android, Firefox, and Chrome. It works great with several different second authentication factors like hardware keys and the Google authenticator app.
One fantastic feature is that you can add the second factor 6 digit generator to a given password, just like an authentication app. When you log in by filling the username/password and hitting enter, your second factor is copied to the clipboard. That lets you just paste it in, which is very convenient for those annoying sites that make you log in with 2FA every 30 to 60 minutes.
I used pass (unix passwordstore) before. I found it extremely comfortable when I'm working with just my system. I did find the inconvenience of setting it up cross platform when it depends on my gpg key. How do people access their gpg keys in phones or a new laptop for example? Do you store it somewhere online? How do you make sure not to lose the gpg key? When I got my new system now, I forgot to backup my key and lost my previous passwords. This is the only challenge(?) I face. Other than that I love everything about pass.
Now I'm testing waters with bitwarden. I like the cross platform functionality so far and the self hosting option. I also like that I just need a master password and don't have to worry about keeping any extra keys safe. I'm not a security expert so I'm not sure whether encrypting before syncing with bitwarden servers is actually safe (this is what bitwarden does afaik). I'm yet to try out their cli option. I also wonder what would happen to my passwords if it shuts down abrubtly. Do I have a backup/copy of the passwords somewhere? This is something that concerns me, where I feel pass is superior. Maybe if there was an option for pass, to use passphrase for encryption rather than gpg, that'd be really cool (maybe not good security wise? I'm unsure on this aspect)
I also liked that when I add the URI of the website login, it gives the icon for it too. Bitwarden's user experience is top notch. I recommended my parents to try it out, except for a few basic questions they were up and running within a few minutes. That's something I really appreciate.
If anyone has self hosted bitwarden, how do you make sure that it is safe from attacks? I'm still exploring this option. Bitwarden uses azure and lets the MS team take care of managing the infra (I'm guessing this includes taking care of attacks).
I've used LastPass for years before switching to Bitwarden due to peer-pressure on HN/Reddit (posts like these, praising Bitwarden).
After a few months, I watched back to LastPass. Bitwarden never quite worked right and as far as I know doesn't provide a way to review access history (I was hacked and wanted to see if other IP addresses accessed Bitwarden).
I'm currently using MacPass on macOS and KeePaasium on iOS, and syncing both through Dropbox. But that means I need my Dropbox credentials, in addition to the KeePass file secrets, if I lose both the Mac and the iPhone (after a fire or a robbery for example). Not sure I'm comfortable with that.
I'm considering switching to 1Password or Bitwarden. But I'm not sure about BitWarden using the same password both for encrypting the vault and accessing Bitwarden server. Chrome for example has an encryption password which is different from your usual Google Account password.
I may be a little off in my description, but I believe that the Bitwarden server never sees your password. The client sends a derived key to authorize your access to the vault and then your password is used on the client side to decrypt the vault.
It all depends on the risk you’re trying to mitigate. A MITTM or a server attack won’t be able to gain access to your passwords, even if they intercept the data. A user with knowledge of your password or a key logged on your client could. However in either of those cases, you’re not protected all that much by having two passwords as opposed to one long one.
Bitwarden. Migration from lastpass took just a few minutes. I don't need fancy features and Bitwarden seems less likely to have RCEs in the client and other screwups.
1Password, and I've been happy with it, but I generally recommend Bitwarden to anyone who asks because of the free tier.
I intentionally use other things for my 2FA and TOTP so that my most important accounts are still not accessible even if you somehow get into my password manager. I use YubiKeys where I can, Google Authenticator when it has to be TOTP.
BitWarden for less "important" things like gaming, streaming, store, and forum logins. Things that would be more of an inconvenience if it were to be hacked.
For more important things I use KeePass and keep it all offline.
Pass and Browserpass or gopass bridge. There is also QtPass and Password Store for Android. Love having my passwords synced using Git and backed up encrypted in the cloud using GPG.
I'm another bitwarden user. I used to use lastpass but back when firefox switched to their webextensions lastpass didn't update right away so I switched.
I switched from KeePass to Bitwarden. KeePass worked great, but I decided it just wasn't worth it, as well as being potentially riskier, to manage it myself.
For example, if you use a third-party KeePass app on your phone, besides having to figure out a secure way to sync it, you also now have to trust the developer of the phone app as well. Larger attack surface.
This! Just sync your keepass file with your NextCloud (or Google Drive or whatever) and you're good to go. Has a mobile App and there are probably Browser Add-Ons available. Costs nothing and works like a charm.
Quick Summary: Self-taught Programmer with hands-on experience in Machine Learning. Trying to break into Product Management and would be interested in taking up Product responsibilities. While I may not have direct PM experience, I have worked extremely hard to develop Product skills at my current PM role which makes a strong potential hire.
Profile Details: As a self-taught programmer with a passion for crafting exceptional products, I bring a unique blend of Technical expertise and Product Management skills to the table. I recently graduated from PM School's Product Management Bootcamp, and have honed my skills in feature ideation, initiative analysis, and collaboration with core teams at Udacity. With hands-on experience in Machine Learning, I am eager to leverage my technical knowledge to drive Product Innovation and Success. My proven track record of Product Development and Strategic thinking make me an ideal candidate for any Product role.
Location: Bengaluru (Bangalore), India
Remote: Yes, preferred. (Willing to adjust my schedule to other timezones)
Willing to relocate: No
LinkedIn: /redacted/
Résumé/CV: /redacted/
Email: /redacted/