this post was submitted on 28 Sep 2023
80 points (98.8% liked)

Selfhosted

40330 readers
504 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Objective: Secure & private password management, prevent anyone from stealing your passwords.

Option 1: Store Keepass PW file in personal cloud service like OneDrive/GoogleDrive/etc , download file, use KeepassXC to Open

Option 2: Use ProtonPass or similar solution like Bitwarden

Option 3: Host a solution like Vaultwarden

Which would do you choose? Are there more options ? Assume strong masterpassword and strong technical skills

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 1 year ago (1 children)

Option 3 sounds amazing because it gives you the control of option 1 with the ease of option 2. But… unless you’re the kind of person that enjoys hosting their own email server you really don’t want this option. Fun in theory but not so much when you realize you now have a 3rd job.

I currently host Vaultwarden and use the Bitwarden Android app and browser plugin. What does this have to do with a mail server? I don't host a mail server and it works fine for me (tried to host a mail server, but got blocked by ISP and would need a business account to request them to unblock it, which costs double what I currently pay for the same speeds).

[–] [email protected] 1 points 1 year ago (1 children)

It wasn’t meant to be taken literally. What I mean by that is if you’re the type of person who enjoys the upkeep of something as critical (though maybe not so much theses days) as email then go ahead and host your own password vault service. I’m not saying it shouldn’t be done and couldn’t be done.

My point is that there’s going to be times where you NEED your password vault and having it be down because something happened at home or your VPS had a problem is a really shitty situation to be in.

Of course there’s work arounds and edge cases to everything too. For me planning and building for those possibilities came down to what can I do that is the most reliable, simple, and boring. Because that’s what most people need with anything that is critical.

IMHO much like backup, password storage should be reliable, simple, and boring. Kinda like flushing a toilet or flipping a light switch.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Oh, got it. That makes sense. Though if I remember correctly, Bitwarden makes a local copy for you, so even if your device doesn't have internet or your backend is down, you should still be able to enter your passwords, just not create new passwords or sync new passwords from other devices.

I have only been using Vaultwarden/Bitwarden for a short time, but I haven't had any issues thus far. My house is pretty resistant to power outages (solar + 12 hour battery backup for whole house with no sun), but if something happened with my ISP, obviously there's nothing I could do. I haven't tested that case yet. I probably should, though.