I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • HamSwagwich@showeq.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 month ago

    I switched from Lastpass to 1Pass and it was pretty miserable. I then swtiched to Bitwarden. It’s not perfect, but it’s better than LP and 1Pass.

    The reason you’d want to self-host is so that nobody has access to your data but you. “The cloud” is just someone elses computer"

    • Appoxo@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 month ago

      Bitwarden does external audits with reports and stores in zero knowledge storage.
      Loose your master password and you are fucked. They can’t restore it even if you pay them a million €

      • HamSwagwich@showeq.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        That was basically the same claim LP made. Even if true, if you have a bad master password, you can be compromised. While yes, that’s on you, your data is a high priority target in a centralized password store… if you host it yourself, someone would first have to know you had that data to even target you for that. Much less exposure hosting it yourself. The convenience factor and potentially less security than a company hosting passwords have, so it’s kind of a six of one, half dozen of the other.