I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • kratoz29
    link
    fedilink
    English
    13 months ago

    A VPN? you still need a reverse proxy/domain to use it don’t you?

    • qaz
      link
      fedilink
      English
      43 months ago

      You can forward a Wireguard port, exposing it to the internet.

      • kratoz29
        link
        fedilink
        English
        12 months ago

        Hmm, interesting, how would I start doing this?

        I use a Synology NAS BTW, so it already gives me a Synology subdomain to mess around.

    • Chewy
      link
      fedilink
      English
      43 months ago

      Yes, Bitwarden browser plugins require TLS, so I use DNS challenge to get a cert without an open port 80/443.

      The domain points to a local IP, so I can’t access it without the VPN.

      Having everything behind a reverse proxy makes it much easier to know which services are open, and I only need to open port 80/443 on my servers firewall.

      • kratoz29
        link
        fedilink
        English
        22 months ago

        DNS challenge? It is the 1st time I read about it.

        I suppose in your LAN you need no VPNs then?