this post was submitted on 18 Jun 2023
8 points (100.0% liked)

Selfhosted

40113 readers
1289 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

It was one of the easiest to setup and it works flawlessly. I'm a bit paranoid about losing my data even with the backups.. Any recommendation?

top 19 comments
sorted by: hot top controversial new old
[–] Sebbe@lemmy.sebbem.se 3 points 1 year ago (1 children)

The nice thing about syncing services like Vaultwarden is that all your synced devices kind of act like backups. You should still keep proper backups too, of course, but this makes me sleep a bit better at night at least.

Yeah, this too... like... I have Bitwarden synced in different computers/phones, so at least most of the passwords will still be somewhere.

[–] dustojnikhummer@lemmy.world 2 points 1 year ago

I don't trust myself with Vaultwarden honestly. I will just pay for Bitwarden if I need to.

[–] lost@kbin.social 2 points 1 year ago (1 children)

I use vaultwarden as my bitwarden backup. I pay for bitwarden premium because it's too critical of a service for me to not pay for access/support the service, or to expect my self hosted option will be sufficiently reliable enough.

That said, as a backup option, I run the vaultwarden addon in home assistant and just periodically do a manual export from bitwarden and import to vaultwarden. This is usually good enough for me, but glad to see this thread with some other options. Will be exploring some of these too!

[–] flynnguy@lemmy.world 1 points 1 year ago

Oooh, I like this idea... I've thought about running vaultwarden but like you I pay for bitwarden premium because I think it's critical for me and I like the service and want to see them continue. Using it as a backup, then I can still support them and run my own backup.

[–] Klox@lemmy.world 1 points 1 year ago (1 children)

I regularly hear it's great. Has anyone moved from KeePass? I haven't read anything that makes me think I should move on from KeePass. I have maybe ~4-5 clients and merging databases has been very easy since no client is offline for too long.

[–] AbidanYre@lemmy.world 1 points 1 year ago

I went from KeePass to pass to vaultwarden. Sharing passwords is way easier.

[–] MrDread@karab.in 0 points 1 year ago (1 children)

I like to connect an external drive and make backups on it. If your Vaultwarden die, unless your devices are de-authorised (or try to update the URL), you can access the vault and export the data.

[–] epyon22@sh.itjust.works 1 points 1 year ago

FIY even when deauthorized all passwords previously synced are still available but prevents syncing without fully logging in.

[–] JurassicPork@lemmy.one 0 points 1 year ago (1 children)

You may have just inspired me to do the same lol, I'm self hosting most of my other things.... For some reason, keeping my own data safe with bitwarden is kinda freaking me out too lol

[–] balance_sheet@lemmy.world 0 points 1 year ago (1 children)

TOTP function is what really made it happen. It brings me so much joy to have one, self hosted service to do everything login related compared to using Authy too. I was way too invested in Authy which was never comfortable for me. I now found peace.

[–] cyanide@lemmy.world 1 points 1 year ago (1 children)

Is having your passwords and TOTP in one place recommended? I would’ve thought that having both separate would be more secure.

[–] Widget@kbin.social 0 points 1 year ago (1 children)

It still defends against one failure mode (the website gets hacked but you're ok) but yeah, obviously if you get hacked and the hacker knows how to get your vault out then you're 100% screwed.

My suggestion is always hardware 2FA, even though it's not as mature as the other systems. Personally I have two Yubikeys (in case one breaks/gets lost) but it does mean that I need to add TOTPs to both of them each time I add a new 2FA.

[–] boothin@kbin.social 1 points 1 year ago

I'm fairly certain hardware based 2fa has been around since the early 90s maybe even earlier. It's not the maturity that's the issue, as I'm fairly certain its significantly older than application based, but that it's extremely inconvenient for the user to have to buy a physical key and keep it safe

[–] ollie@lemmy.world 0 points 1 year ago (1 children)

how are you doing your backups now? are you using the 3-2-1 backup strategy?

[–] balance_sheet@lemmy.world 1 points 1 year ago (1 children)

Not really, no. I have an HDD and an SSD both in a same machine. Data in SSD gets copied to HDD everyday. I don't have any remote backup yet. How do you do your remote backup?

[–] ollie@lemmy.world 1 points 1 year ago

encrypted Rsync to a free Backblaze account. be sure to test your backups tho

[–] blackstrat@lemmy.fwgx.uk 0 points 1 year ago (1 children)

I tried Vault warden, but I didn't find it better than KeePass which I have syncing over nextcloud to storage that is mounted over NFS for my desktop and laptop. There are plenty of clients so you can use windows, linux, android etc.

[–] uzay@infosec.pub 1 points 1 year ago

I ran Keepass synced through my Nextcloud for a long time as well, but I switched to Vaultwarden after loosing Passwords due to sync issues. Almost got locked out of an important account. Luckily I noticed it early enough to recover it through my Nextcloud's versioning. But since then I'm too paranoid to rely on a password manager without a reliable syncing mechanism built-in if I'm gonna use it daily on a range of different devices.

load more comments
view more: next ›