Not sure I understand why you’d want to self host a password manager. Bitwarden has never been breached AFAIK. How is it better or safer to keep if self hosted?
Bitwarden has never been breached AFAIK
Password managers are a HUGE target, and while I’m sure they do everything possible to prevent a breach from actually obtaining peoples passwords, vulnerabilities do happen.
That’s why I think self hosted Bitwarden or KeePass with a file are the way to go.
Regulatory requirements and management decisions.
Oh, you thought self-hosting was only for hobbyists? 🫠
Are you asking /r/selthosted what the point of selfhosting is?
I think you may be forgetting that Bitwarden has a self hosted version, it’s just really not commonly used with subs audience. Mostly as until recently they didn’t have a unified deployment and most people only want one container so that plus cost means most don’t use it.
It’s good if you like self-hosting stuff.
However, what I tell people is this:
If you know jack about security and how to lock down a machine that is running Vaultwarden, then it’s useless. You should go with Bitwarden.
If you’re looking to install it just to play around with, I would be very cautious about what you store there, unless you can lock the system down to where it’s not accessible by the outside internet and localized only to your network.
And I have redundant backups in place in case one decides to fail, which are all encrypted with GPG and a few other measures.
If you have it installed and not accessible to anyone else but you, it’s a fun project. I like using VW and BW.
The other bonus would be no one is going to look to target you specifically unless you’re turned into a target.
Whereas if BW were to be breached, it wouldn’t have anything to do with you.
However, BW utilizes encryption, so even if they did somehow manage to get in, they can’t read your passwords.
Alright, what minimal security do you need to lock down your vaultwarden? Wireguard, firewall, fail2ban? I’m trying to learn good security practices for my server
Can be safer. Can be worse.
A poorly configured self hosted vaultwarden can be a major security issue.
A properly configured one is arguable safer than hosting with a 3rd party. Lastpass taught me that one.
If you configure it to where it’s not exposed to the web, and only accessed through a VPN, like Tailscale. It can be quite robust.