this post was submitted on 30 Apr 2025
80 points (96.5% liked)

Selfhosted

59864 readers
427 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
80
Vaultwarden selfhosting, or bitwarden service? (sh.itjust.works)
submitted 1 year ago* (last edited 1 year ago) by someacnt@sh.itjust.works to c/selfhosted@lemmy.world
47 comments fedilink hide all child comments
 

I am looking into password managers, as number of my accounts are increasing. Currently I am weighing two options:

  • Host Vaultwarden on a VPS, or
  • Use the free bitwarden service.

I want to know how they are in practical aspects.

While I am fine self-hosting many services, password managers seem to be one of the most critical services that should not admit downtime. I surely cannot keep it up, as I need to update it time to time.

On the other hand, using bitwarden might require some level of trust. How much should I trust the company to use the free service? How do I know if my passwords would be safe, not being exposed to the wide net?

I want to gauge pros and cons, are there aspects I missed? How are your opinions on this? If you are self-hosting vaultwarden, how do you manage the downtime? Thanks in advance!

you are viewing a single comment's thread
view the rest of the comments
[–] irotsoma@lemmy.blahaj.zone 5 points 1 year ago (1 children)

There's not a need to have vaultwarden up all of the time unless you use new devices often or create and modify entries really often. The data is cached on the device and kept encrypted by the app locally. So a little downtime shouldn't be a big issue in the large majority of cases.

[–] Schlemmy@lemmy.ml 1 points 1 year ago (2 children)

Bitwarden does my OTP as well. You don't need the servers for that?

[–] irotsoma@lemmy.blahaj.zone 2 points 1 year ago

It you're talking about TOTP exclusively, that only needs the secret and the correct time on the device. The secret is cached along with the passwords on the device.

[–] koala@programming.dev 2 points 1 year ago

Nope, just tested. There are hardware OTP devices that have no Internet connectivity. As far as I know, all OTP protocols are offline-friendly.