Not sure I understand why you’d want to self host a password manager. Bitwarden has never been breached AFAIK. How is it better or safer to keep if self hosted?

  • usrdef@alien.topB
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    It’s good if you like self-hosting stuff.

    However, what I tell people is this:

    If you know jack about security and how to lock down a machine that is running Vaultwarden, then it’s useless. You should go with Bitwarden.

    If you’re looking to install it just to play around with, I would be very cautious about what you store there, unless you can lock the system down to where it’s not accessible by the outside internet and localized only to your network.

    And I have redundant backups in place in case one decides to fail, which are all encrypted with GPG and a few other measures.

    If you have it installed and not accessible to anyone else but you, it’s a fun project. I like using VW and BW.

    The other bonus would be no one is going to look to target you specifically unless you’re turned into a target.

    Whereas if BW were to be breached, it wouldn’t have anything to do with you.

    However, BW utilizes encryption, so even if they did somehow manage to get in, they can’t read your passwords.

    • Silencer306@alien.topB
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Alright, what minimal security do you need to lock down your vaultwarden? Wireguard, firewall, fail2ban? I’m trying to learn good security practices for my server

      • kevdogger@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Honestly just install wireguard on client and they use that to remote access the server when away from lan network