Not sure I understand why you’d want to self host a password manager. Bitwarden has never been breached AFAIK. How is it better or safer to keep if self hosted?
Personally I stick with Bitwarden because one thing I want to stay around if I nuke (accidentally, or deliberately) my homelab is my password manager!
I agree. I trust Bitwarden more to host it than me. I can have too many things going wrong. With that being said, I do agree with the security implications with centralized Bitwarden, but I’d rather have that risk than to screw myself over due to my own incompetence.
Someone a while ago mentioned on this sub: The best thing to host yourself is a password manager, and the worst thing to host yourself is a password manager.
Yup, that’s my reasoning too :D
Whilst I have pretty much everything backed up where I can, the only thing that I have actually got 100% tried and tested recoverable is Hyper Backup (as it encrypts my B2 backup), and within that is my Vaultwarden backup. So even if my lab was destroyed tomorrow, I could get to my B2 backup and recover the Vaultwarden backup and stand it up on any machine I could get access to.
I am not very good at the local backup thing but I do also have an unencrypted backup that is run less regularly that I could easily grab the Vaultwarden files from.
In addition to that the vault is accessible locally if it can’t communicate with the server anyway.
The vault local copy stays around. You can export and import it back.
It’s incredibly easy to back up Vaultwarden. I copy my vault to a second hard drive weekly.
I got lucky and have a close friend that self hosts so we also encrypt and upload some of our backups to each other so that even if my whole lab went down and was unrecoverable I could still rebuild off the backups he stores. Basically we give each other about 1TB (without actual quotas, just based on honesty). So we are both able to store a large amount of backups, and if he wants more on my server he just needs to get me another hard drive, and same the other way around.
I’ve heard of people who encrypt their backups and upload to Google, but to me this defeats the purpose of self hosting (and even if it didn’t I think Google would be the last service I uploaded backups to but to each their own). If your encryption is strong enough it is a decent option for people who don’t have another self hosted in their community like me.
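An added example, not from any commenter in this thread: one way to make a "tried and tested recoverable" copy of the vault database, using SQLite's online backup API instead of a plain file copy and then checking that the copy opens and passes an integrity check. It assumes the SQLite backend and the file name `db.sqlite3`; the table and rows in `demo()` are constructed stand-ins, not Vaultwarden's real schema.

```python
import hashlib
import sqlite3
import tempfile
from pathlib import Path


def snapshot(live_db: Path, dest: Path) -> str:
    """Copy a live SQLite database consistently; return the copy's SHA-256."""
    src = sqlite3.connect(live_db.resolve().as_uri() + "?mode=ro", uri=True)
    dst = sqlite3.connect(dest)
    try:
        src.backup(dst)  # online backup API: consistent even during writes
    finally:
        dst.close()
        src.close()
    return hashlib.sha256(dest.read_bytes()).hexdigest()


def verify(copy: Path, expected_sha256: str, table: str) -> int:
    """Restore test: check the hash, run integrity_check, count rows in table."""
    if hashlib.sha256(copy.read_bytes()).hexdigest() != expected_sha256:
        raise ValueError("backup changed since it was written")
    con = sqlite3.connect(copy.resolve().as_uri() + "?mode=ro", uri=True)
    try:
        if con.execute("PRAGMA integrity_check").fetchone()[0] != "ok":
            raise ValueError("backup database is corrupt")
        return con.execute(f'SELECT count(*) FROM "{table}"').fetchone()[0]
    finally:
        con.close()


def demo() -> int:
    """Build a constructed stand-in database, snapshot it, verify the copy."""
    with tempfile.TemporaryDirectory() as tmp:
        live = Path(tmp) / "db.sqlite3"  # assumed file name
        con = sqlite3.connect(live)
        # Constructed schema and rows, for illustration only.
        con.execute("CREATE TABLE ciphers (uuid TEXT PRIMARY KEY, data TEXT)")
        con.executemany("INSERT INTO ciphers VALUES (?, ?)",
                        [("a", "enc1"), ("b", "enc2"), ("c", "enc3")])
        con.commit()
        con.close()
        copy = Path(tmp) / "backup.sqlite3"
        digest = snapshot(live, copy)
        return verify(copy, digest, "ciphers")


if __name__ == "__main__":
    print(demo())
```

Store the returned hash alongside the copy and run `verify` on the machine you would restore to, before the copy is encrypted and shipped off-site.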
What backend of Vaultwarden are you using? MySQL or MySQL lite or PostgreSQL?
Every device you use Bitwarden on has a local copy of all passwords. Even if you nuke your server, you still will have access to your passwords.
The server is just used to sync changes. If there is no sync needed, you don’t need the server.