I am looking into password managers, as number of my accounts are increasing. Currently I am weighing two options:
- Host Vaultwarden on a VPS, or
- Use the free bitwarden service.
I want to know how they are in practical aspects.
While I am fine self-hosting many services, password managers seem to be one of the most critical services that should not admit downtime. I surely cannot keep it up, as I need to update it time to time.
On the other hand, using bitwarden might require some level of trust. How much should I trust the company to use the free service? How do I know if my passwords would be safe, not being exposed to the wide net?
I want to gauge pros and cons, are there aspects I missed? How are your opinions on this? If you are self-hosting vaultwarden, how do you manage the downtime? Thanks in advance!
I’d throw in option 3: use a KeePass2 database, sync it using whatever sync tool you like (SyncThing, iCloud, NextCloud, WebDAV, …) and use compatible apps (KeepassXC, Strongbox, etc.)
I migrated from KeePass2 as the the DB would get out of sync and need to be merged back together. Thats why I moved to Vaultwarden, I like having my data on my own stuff
I keep seeing people mentioning Syncthing with KeePass… I use both, but not together, between 3-4 different devices. I have a central Syncthing server to which all devices sync everything, but my KeePass database (keyfile & password protected is stored on Google Drive, in a G Suite Workspace account that I pay for. The keyfile is stored individually on each device that needs it, with a printed out copy (with instructions!) as a backup.
Would my keypass database survive Syncthing the way I have it setup?
I’m using Strongbox on iOS and macOS with iCloud Sync and never had any merge issue. Well, maybe once when I deliberately edited the same entry on two different devices. But during normal use, the sync and merge works great.
I roll it this way, been like this for years and years, fine for my needs