I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • april@lemmy.world
    link
    fedilink
    English
    arrow-up
    88
    ·
    1 month ago

    Because when whatever company gets a data breach I don’t want my data in the list.

    With bitwarden If your server goes down then all your devices still have a local copy of your database you just can’t add new passwords until the server is back up.

    • el_abuelo@programming.devOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 month ago

      This was also the most compelling reason for me to consider it.

      I do think that balanced against the time and effort and risk of me fucking up outweighs this benefit. But I can totally see why for some that balance goes the other way.

      • april@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 month ago

        I think the main thing for not messing it up is just make sure you keep it updated. Probably set up auto updates and auto backups.

      • Darkassassin07@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 month ago

        More than any other piece of self-hosted software: backups are important if you’re going to host a password manager.

        I have Borg automatically backing up most of the data on my server, but around once every 3 months or so, I take a backup of Vaultwardens data and put it on an external drive.

        As long as you can keep up with that, or a similar process; there’s little concern to me about screwing things up. I’m constantly making tweaks and changes to my server setup, but, should I royally fuck up and say, corrupt all my data somehow: I’ve got a separate backup of the absolutely critical stuff and can easily rebuild.

        But, even with the server destroyed and all backups lost, as long as you still have a device that’s previously logged into your password manager; you can unlock it and export the passwords to manually recover.

    • Rinox@feddit.it
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 month ago

      Ok, but this doesn’t explain why you would choose to self-host VaultWarden rather than using BitWarden.