this post was submitted on 18 Jun 2023
8 points (100.0% liked)

Selfhosted

39240 readers
406 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
8
Just started hosting Vaultwarden. It's freaking awesome. (lemmy.world)
submitted 1 year ago by balance_sheet@lemmy.world to c/selfhosted@lemmy.world
22 comments fedilink hide all child comments
 

It was one of the easiest to setup and it works flawlessly. I'm a bit paranoid about losing my data even with the backups.. Any recommendation?

you are viewing a single comment's thread
view the rest of the comments
[–] balance_sheet@lemmy.world 0 points 1 year ago (1 children)

TOTP function is what really made it happen. It brings me so much joy to have one, self hosted service to do everything login related compared to using Authy too. I was way too invested in Authy which was never comfortable for me. I now found peace.

[–] cyanide@lemmy.world 1 points 1 year ago (1 children)

Is having your passwords and TOTP in one place recommended? I would’ve thought that having both separate would be more secure.

[–] Widget@kbin.social 0 points 1 year ago (1 children)

It still defends against one failure mode (the website gets hacked but you're ok) but yeah, obviously if you get hacked and the hacker knows how to get your vault out then you're 100% screwed.

My suggestion is always hardware 2FA, even though it's not as mature as the other systems. Personally I have two Yubikeys (in case one breaks/gets lost) but it does mean that I need to add TOTPs to both of them each time I add a new 2FA.

[–] boothin@kbin.social 1 points 1 year ago

I'm fairly certain hardware based 2fa has been around since the early 90s maybe even earlier. It's not the maturity that's the issue, as I'm fairly certain its significantly older than application based, but that it's extremely inconvenient for the user to have to buy a physical key and keep it safe