Selfhosted

39532 readers

521 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

110

Why self host a password manager? (programming.dev)

submitted 18 hours ago by el_abuelo@programming.dev to c/selfhosted@lemmy.world

100 comments fedilink hide all child comments

I'm going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden's paid tier is only $10 a year which I'm happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn't need any additional hardware.

you are viewing a single comment's thread
view the rest of the comments

[–] qaz@lemmy.world 1 points 10 hours ago (2 children)

A couple of questions

How do you store a driver's license in Bitwarden? Last time I checked they didn't support file storage. Do you just put it in the cloud storage?
Considering Bitwarden is E2EE, what would be the benefit of storing it at another company in case they are hacked?

[–] wth@sh.itjust.works 4 points 5 hours ago (1 children)

Storing Drivers Licence: Was answered elsewhere. Bottom line… Bitwarden seems like it can store other types of data. Note that I don’t use Bitwarden yet, but have experience with Enpass and 1Pass, both of which can store all sorts of data.

Why separate storage if Bitwarden is E2EE? You are placing all your trust in a single organization - Bitwarden. If they get hacked, then it is possible for the hackers to poison their software to deliver master passwords (hacks of s/w repositories has happened). I prefer to separate encryption from storage so a hack in both is required to get my data. Note that I do the same for offsite backups to Glacier/S3. I use Arq to do the backup and encrypt the files, then send them to S3 for storage.

The 2023 IBM Report on Cost of Data Breeches indicated that the average time for a company to discover a breech is about 200 days, and on average another 70 days to remediate. That keeps me up at night in my day job as security dude.

[–] qaz@lemmy.world 1 points 5 hours ago* (last edited 5 hours ago)

I didn't really consider the possibility of the client being compromised yet, good point.

[–] 486@lemmy.world 3 points 9 hours ago (2 children)

How do you store a driver’s license in Bitwarden? Last time I checked they didn’t support file storage. Do you just put it in the cloud storage?

They do support file storage. I've been using that for years for storing small files related to certain accounts an such.

[–] wth@sh.itjust.works 2 points 5 hours ago

Good to know, thanks. I haven’t actually started looking for the Enpass replacement yet, but it sounds like Bitwarden will be a lead contender.

[–] qaz@lemmy.world 2 points 9 hours ago

I've apparently been missing this button for several years. Thanks!