this post was submitted on 30 Apr 2025
80 points (96.5% liked)

Selfhosted

60281 readers
641 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

I am looking into password managers, as number of my accounts are increasing. Currently I am weighing two options:

  • Host Vaultwarden on a VPS, or
  • Use the free bitwarden service.

I want to know how they are in practical aspects.

While I am fine self-hosting many services, password managers seem to be one of the most critical services that should not admit downtime. I surely cannot keep it up, as I need to update it time to time.

On the other hand, using bitwarden might require some level of trust. How much should I trust the company to use the free service? How do I know if my passwords would be safe, not being exposed to the wide net?

I want to gauge pros and cons, are there aspects I missed? How are your opinions on this? If you are self-hosting vaultwarden, how do you manage the downtime? Thanks in advance!

you are viewing a single comment's thread
view the rest of the comments
[–] axum@lemmy.blahaj.zone 25 points 1 year ago* (last edited 1 year ago) (2 children)

The bitwarden vaults themselves are encrypted with your password. So I'm not sure what there is to not trust with bitwarden, as even if files were stolen, they are encrypted so they're largely useless.

I pay for bitwarden premium because it supports the development of a good open source project.

Edit: fixed phrasing given suggestion below

[–] MajesticElevator@lemmy.zip 17 points 1 year ago (1 children)

It’s important to specify that the items are encrypted using a key derived from your password, so Bitwarden themselves don’t have access to your passwords even if they wanted to.

Since they handle redundancy and backups I think it’s fine staying with them (+ great product)

[–] spooky2092@lemmy.blahaj.zone 9 points 1 year ago

Since they handle redundancy and backups I think it’s fine staying with them (+ great product)

This. I love self hosting services, but anything that I 100% can't live without isn't one of them. Because I don't have the funds for proper redundancy/high availability, and my backup practices at home are..... Not ideal. I've had a couple brushes with data loss due to gaps in backups, lack of monitoring for impending hardware failures, and had 2 disks suddenly die together in a raid array, all in over a decade of self hosting.

I have cold backups of most of my critical services, but they're not nearly regular enough for me to trust my passwords to myself.

[–] someacnt@sh.itjust.works 1 points 1 year ago

I see, guess I was overly paranoid. Bitwarden sounds good, then!