I am looking into password managers, as number of my accounts are increasing. Currently I am weighing two options:

  • Host Vaultwarden on a VPS, or
  • Use the free bitwarden service.

I want to know how they are in practical aspects.

While I am fine self-hosting many services, password managers seem to be one of the most critical services that should not admit downtime. I surely cannot keep it up, as I need to update it time to time.

On the other hand, using bitwarden might require some level of trust. How much should I trust the company to use the free service? How do I know if my passwords would be safe, not being exposed to the wide net?

I want to gauge pros and cons, are there aspects I missed? How are your opinions on this? If you are self-hosting vaultwarden, how do you manage the downtime? Thanks in advance!

  • dfense@lemmy.worldEnglish
    2·
    2 days ago

    At the end of the day you have to trust someone (Bitwarden, Hoster, Hardware Manufacturer…). It comes down to your threat profile and what you personally accept as a risk vs. effort (or convenience). For me Bitwarden was acceptable, but I switched to self hosting Vaultwarden ca. 3 years ago. Main reasons being the advanced features (sharing some passwords with the family, setting up a tech savvy friend to take over my vault should I get hit by a bus, etc.). I did not have any relevant downtime of that service in years.