Why self host a password manager? - eviltoast

I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • el_abuelo@programming.devOP
    link
    fedilink
    English
    arrow-up
    6
    ·
    2 months ago

    This was also the most compelling reason for me to consider it.

    I do think that balanced against the time and effort and risk of me fucking up outweighs this benefit. But I can totally see why for some that balance goes the other way.

    • april@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 months ago

      I think the main thing for not messing it up is just make sure you keep it updated. Probably set up auto updates and auto backups.

    • Darkassassin07@lemmy.ca
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      2 months ago

      More than any other piece of self-hosted software: backups are important if you’re going to host a password manager.

      I have Borg automatically backing up most of the data on my server, but around once every 3 months or so, I take a backup of Vaultwardens data and put it on an external drive.

      As long as you can keep up with that, or a similar process; there’s little concern to me about screwing things up. I’m constantly making tweaks and changes to my server setup, but, should I royally fuck up and say, corrupt all my data somehow: I’ve got a separate backup of the absolutely critical stuff and can easily rebuild.

      But, even with the server destroyed and all backups lost, as long as you still have a device that’s previously logged into your password manager; you can unlock it and export the passwords to manually recover.