For anybody else left wondering, Bitwarden does encrypt (nearly) everything in your vault:

> At Bitwarden we take this trusted relationship with our users seriously. We also built our solution to be safe and secure with end-to-end encryption for all Vault data, including website URLs, so that your sensitive data is “zero trust” secure [1]

I haven't used LastPass in years, but the recent news made me wonder how Bitwarden was handling URLs.

[1] https://bitwarden.com/resources/zero-knowledge-encryption-wh...

Bitwarden, Keeper ($ but trusted at megacorps), and good ol' PasswordSafe are the safest solutions.

I run BW with Yubikey 2FA and a local hosted sync server.

KeePassX/C perhaps. Vault for secrets management.

Never touched LastPass, 1Password or any of these other mickey-mouse commercial apps that invariably claim "military-grade encryption" or "unhackable" when their fundamental constructions are crap.

I see a lot of people mentioning bitwarden around here; is their actually a technical reason to believe they are better than Lastpass or any of their competition (have they like open sourced all their stuff?).

There’s very little room for failure and learning in the online password safe field, so I generally assume these companies are in one of two states:

* has unknown bugs waiting to be revealed

* out of business

You can see their server and client code here: https://github.com/bitwarden

I choose to use their clients unmodified, along with an instance of the server formerly known as "bitwarden_rs" running in my basement as the sync backend. https://github.com/dani-garcia/vaultwarden

I still pay them annually for their "freemium" features even though I prefer not to let them host my data.