I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 month ago

    That’s largely why I haven’t self hosted either. But problems can be mitigated:

    • regular, automated backups to something else (say, KeePass), encrypted with your master pass and backed up off-site
    • host your PW manager on a VPS, or have the VPS ready to deploy a snapshot from offsite backup
    • change your master pass regularly - limits the kinds of breaches that can impact you
    • randomize usernames - makes it easier to detect a breach, because you can see if any of those were exposed without the org being breached

    But honestly, my main reason is that I don’t trust my server to stay up 100%, but I do expect Bitwarden to. I also trust their security audits.

    • BaroqueInMind@lemmy.one
      link
      fedilink
      English
      arrow-up
      17
      arrow-down
      2
      ·
      1 month ago

      I’m self hosting Vaultwarden and my home server got killed by the hurricane, yet I can still access my passwords just fine on the app because it stores them locally encrypted on my phone from the last time it synced. I just can’t update or change anything until I can bring everything back on.

      So, host your own shit you cowards, it’ll be fine.

      • aksdb@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 month ago

        Bitwardens local cache does not include attachments, though. If you rely on them, you have to rely on the server being available.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 month ago

        I just… don’t see the benefit. I host videos so I can access video content even if my internet goes out, and it’s a lot cheaper than paying for streaming. I host my own documents because I don’t want big tech scraping all my data. I host my own budgeting software, again, because of privacy.

        I could host Vaultwarden. I just don’t really see the point, especially when my SO and I have a shared collection, and if that broke, my SO would totally blame me, and I don’t think that’s worth whatever marginal benefits there are to self-hosting.

        Maybe I’ll eat my words and Bitwarden will get hacked. But until then, stories like yours further confirm to me that not hosting it is better.