I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • SK@hub.utsukta.org
    link
    fedilink
    arrow-up
    0
    ·
    2 months ago

    vaultwarden syncs your passwords locally so even if your server is down the passwords remain available on your device. And it is a wonderful password manager, you can share passwords with your family, have TOTPs, passkeys.

    • Chewy@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      Fully agreed.

      Accessing Vaultwarden through a VPN gives me peace of mind that it can’t be attacked.

      Another great thing about Bitwarden is that it’s possible to export locally cached passwords to (encrypted) json/csv. This makes recovery possible even if all backups were gone.

        • Chewy@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          Yes, Bitwarden browser plugins require TLS, so I use DNS challenge to get a cert without an open port 80/443.

          The domain points to a local IP, so I can’t access it without the VPN.

          Having everything behind a reverse proxy makes it much easier to know which services are open, and I only need to open port 80/443 on my servers firewall.