I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.
My questions are to those of you who self-host, firstly: why?
And how do you mitigate the risk of your internet going down at home and blocking your access while away?
BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.
Yeah exactly. Passwords and OTPs are NOT the kind of thing you want to lose…
And while you obviously never want your data stolen, even LastPass they didn’t get any actual passwords. Much like 1Pass, Bitwarden or Proton Pass, none of which have had any breaches of any kind that I am aware of. Too many low-hanging fruit.
Another great point, if I lose my Linux isos, sucks but I’ll redownload. If I lose my family videos, sucks but I’ll log into my backups and resync. If I lose my credentials I’m fucked. Plain fucked. I can’t decrypt my backups, can’t log into services, it’s done.
Thats why ones password DB should also be saved encrypted one one or two external drives.
Not everyone has a safety deposit box, or the ability to access a proper and secure off-site storage.
And if you’re just keeping those in your house, then fire, flood, and other incidents can destroy all copies at once.