I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.
My questions are to those of you who self-host, firstly: why?
And how do you mitigate the risk of your internet going down at home and blocking your access while away?
BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.
Not the one who wrote the command: The Keepass DB encryption is afaik pretty damn good. So that wouldn’t be an attack vector I would worry about. Also and those are just my five cents and I might probably be ripped in pieces by some it sec people, I wouldn’t fear too much about a backdoor being put into your systems when self hosting. If someone actually does this it’s most probably gonna be some actor related to a government that targets you for whatever reason and at least then most of us wouldn’t stand a chance to keep all of their IT devices save, especially when they could stop you on the streets and get physical access to some devices. On the other hand hosted services with thousands of customers are also a lucrative target for cyber crime and which you as a self hosting individual are most probably not. This reduces the possible threats quite a bit, at least if you keep up some default safety stuff to not just let any wannabe hacker from wherever into your self hosted services that would be happy if they can get a 5 thousands dollars/ euros or whatever from you.