What do you use for syncing your password manager between your Android phone and your PC? Apparently Nextcloud doesn’t support two-way syncing on Android for some reason, and Syncthing-Fork is still untrustworthy since the disastrous handover. The AI generated profile picture of researchxxl doesn’t exactly inspire confidence either, neither does his GitHub bio:
Hi! My name is Jonas and I like to use my coding skills from games and modding to continue work on the Syncthing for Android wrapper.
Everything about this person screams vibe coder.
Bitwarden is an alternative, but I don’t like how non-standard it is. It’s cumbersome to manage and backup, meanwhile the KeePass format is just a file that I can backup wherever and however I want and there are many frontends to choose from.
Have you solved this?
smbsync2
I use proton and it seems to work just fine for me
I’m looking for a selfhosted alternative, I’m not really to keen to place all of my password eggs into one company basket so to speak. But yes, other than that, Proton is a good choice (but I’d probably go with Bitwarden personally). Thank you.
Understandable why you would want to selfhost. I also use proton and for me it is something that I would rather pay for so I don’t have to administer it. I also hope they’ll keep improving the auto-fill experience.
I migrated out of keypass and into vaultwarden, not looked back since.
Passwords Nextcloud app
I still think a syncthing client of some form is ideal. As someone else mentioned there is the option of using the Syncthing Tray devs experimental android build. To avoid issues with sync-conflicts / maintain high-availability access to the most recent file, I sync the databse to a raspberry pi with the encryption option selected (not that the pi is untrusted per se, but it is a device that doesn’t need access to the file, it just serves the most recent changes to other devices since often my laptop / phone / desktop are not all on at the same time).
I’m a vaultwarden user, who likes the idea of both the bitwarden and the keepass way. Just to consider new possibilities, isnt it possible to put the keepass db in a private git (selfhosted forgejo or gitea). And sync the repo with an app like puppygit which syncs automatically everytime I open or close keepass. Is this a safe walkthrough?
I like the idea of using git, and there are people using it with their KeePass database (here’s an example), but I don’t think it’s optimal. If you want to use git,
passis probably the better option, but that brings in a whole lot of other problems.I’ve started using Nextcloud to sync my database and it’s worked out fine so far. Though it would be nice to use something like git that I use all the time regardless, right now the whole bloated Nextcloud stack I have hosted only syncs my small password database haha.
I use KeepassDX syncing via Nextcloud, works flawlessly. I also used to use Keepass2Android, also works very well.
Can you elaborate on the “nextcloud doesn’t support 2-way syncing on android” statement? I can sync my Keepass database back and forth without issues.
I’m talking about this issue: https://github.com/nextcloud/android/issues/19
I see where you’re coming from. I also really wanted that in my early days of android and nextcloud. Turns out, nowadays you don’t really need that for most use cases, and definitely not for KeePass syncing. Nextcloud app for android exposes all the files via content framework and KeePassDX can sync two ways via that. Other apps like Keepass2Android even have direct nextcloud support via WebDAV, though these days I prefer KeePassDX a little bit more for unrelated reasons.
I recommend you try either KeePassDX or Keepass2Android and see for yourself.
Also, most file managers support CF and will show you your nextcloud files as if they were real files on the device, even without “real” two way sync, and most other apps will be able to save & open files directly from nextcloud.
I’m currently using KeePassDX and I’ve set up the Nextcloud server and downloaded the Android app. I’ll give it another shot. Can you explain more how you’ve set this up for yourself? What does CF mean, and what file manager do you recommend?
Thanks!
CF = content framework, android somehow decided that users shall not see and interact with “real” files and instead, have apps like nextcloud act like content providers and expose a file-like API …whatever, it is what it is, but in the end it works.
I’m currently using Material Files, but even android’s default file manager, bundled with the OS, shows Nextcloud in the left sidebar (your mileage may vary on this one, as each phone vendor tend to customize it a bit).
As for my setup, there’s really not much to it: I selfhost nextcloud, have KeePassDX and the Nextcloud app, and when you setup KeePassDX, select “Open existing vault” and in the sidebar you should be able to select Nextcloud and pick files from there.
Note: For Material files, and most file managers really, nextcloud might not show up by default (“security” or something), but you can “add external storage” and give it permissions.
I managed to get it up and running now, thank you! It wasn’t intuitive at all, compared to using nextcloud-client on the desktop. I’ll try this for a while and see if it works for me.
Glad to help!
Yeah, self-hosting often means trading more control for less convenience, some times more than others. Either way, I hope this setup works for you!
I am also using KeepassDX and Nextcloud. I’ve had this setup for years and never had an issue with syncing.
Nextcloud and favorite the file. It’s worked reliably forms for years. I don’t need to create new passwords on my phone, though.
Personally, I use Keepass with syncthing and it works fine enough. If you don’t really trust the new person behind Syncthing-Fork, you could always install the older version before the handover (I think before v3.4?).
If you really don’t trust syncthing at all, you could just manually back it up. New passwords aren’t made every day, so you could just copy the passwords database over between your devices whenever there’s a change. That’s what I did before I heard about syncthing, and is what I do with my music still, since I don’t regularly update what music I listen to.
I share your sentiment about Syncthing-Fork and the botched handoff to researchxxl. I have yet to implement the Termux-based workaround that allows me to use Syncthing from the browser without the Android app / wrapper. It looks pretty clean as it’s just pure Syncthing with a little starter script.
For say a keypass db you don’t need even that, Just sshd gets you rsync on your computer with cron or systemd timer / service… Personally I just use an old version of Syncthing-Fork though, security implications for local network are minimal.
Keepass + syncthing = win
bitwarden
seems odd you say how cumbersome it is to manage and backup (not an issue I’ve faced though) and yet you are using some cumbersome alternative ?
I don’t update my Keepass db often enough to need syncing. Maybe every other week or so I just pull the latest backup from my desktop from backblaze b2 to my phone, or if I change something on the phone, I send a copy to myself using signal “note to self.” Then I manually merge the databases.
Pretty low-tech.
Yeah, I have a tendency to modify my database quite often. I often make new accounts, add attachments, modify passphrases on older accounts, etc. I modify it several times a week. I might be an outlier, and in that case I understand why people don’t consider this to be a huge problem haha.
What’s the problem with Nextcloud? I use KeepassDX (on android, KeepassXC on desktop) with the database on Nextcloud and don’t have any problem syncing.
This issue: https://github.com/nextcloud/android/issues/19
On Android I use KeePassDx Syncthing-Fork. The handover was rough but the maintainer of the Play version joined researchxxl’s team. Many on the Syncthing forum seem to have accepted research which is good enough for me. Also, KeePass’s database in encrypted so no danger there.
Do you store TOTP in a seperate KeePass?
For me swappog between two Keepass DBs is annoying. I can’t find anything that will sync my 2FAs.
I don’t. Kinda seems silly to me.
To access a keepass file you already need 2 factors: the master password and access to the file.
Its not really 2 factors if it’s stored in the same DB though.
I came from Bitwarden where the community recommendation was to not store passwords and 2FA together in the cloud. If a beach orccurs and you lose both then there wasn’t a point in having the 2FA.
Less of a risk with a local solution but still not sure.
If u have 2fa in the same database u can login on devices you don’t trust. E.g. a coworkers computer/public computer in library.
Yeah. So that seems to remove the 2 from 2FA…
Yes, it is two factor, it’s just that there is no additional factors required to get the TOTP.
If you don’t use a password manager then you just remember your passwords. In this case the second factor is having access to a device that has your TOTP generator.
If you use keepass then you remember the password for your password db, and to access your passwords or TOTP you need access to a device with your keepass db.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CF CloudFlare Git Popular version control system, primarily for code SSH Secure Shell for remote terminal access
3 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.
[Thread #167 for this comm, first seen 15th Mar 2026, 17:10] [FAQ] [Full list] [Contact] [Source code]
