I am looking into password managers, as the number of my accounts is increasing. Currently I am weighing two options:
- Host Vaultwarden on a VPS, or
- Use the free Bitwarden service.
I want to know how they are in practical aspects.
While I am fine self-hosting many services, password managers seem to be one of the most critical services that should not admit downtime. I surely cannot keep it up, as I need to update it from time to time.
On the other hand, using Bitwarden might require some level of trust. How much should I trust the company to use the free service? How do I know if my passwords would be safe, not being exposed to the wide net?
I want to gauge the pros and cons; are there aspects I missed? What are your opinions on this? If you are self-hosting Vaultwarden, how do you manage the downtime? Thanks in advance!
Do you have a proper backup solution? If you have a catastrophic data error, can you still recover? If not, just choose the hosted infrastructure.
Self-hosting is great. I love it. But when it comes to critical things that you absolutely cannot fuck up, I would rather trust a consumer-based solution. If you fuck up your passwords and they’re gone, it’s going to hinder you significantly more than losing sleep about some rando having all your passwords if they break scrypt encryption.
If you have a catastrophic data failure, then you can just use the vault stored on a client to restore it, even if you don’t have backups.
Nice! I was unaware that you could do this. Cheers.
Yeah, it says on their website you can export it from any Bitwarden app, and you can also do it from the CLI if you wanted to for some reason.
Probably be easier in case of emergency to do it from the browser extension though, since you’re gonna have to set up the Vaultwarden server anyway and import the data.
EDIT: So just to check, I installed Vaultwarden, and I was able to export the vault from both the browser extension and the iOS app, on top of the web UI.