I’m going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.

My questions are to those of you who self-host, firstly: why?

And how do you mitigate the risk of your internet going down at home and blocking your access while away?

BitWarden’s paid tier is only $10 a year which I’m happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldn’t need any additional hardware.

  • @MajorasMaskForever
    link
    English
    21 month ago

    I’ve used cloud based services for password managers for work and “self host” my personal stuff. I barely consider it self hosting since I use Keepass and on every machine it’s configured to keep a local cached copy of the database but primarily to pull from the database file on my in-home NAS.

    Two issues I’ve had:

    Logging into an account on a device currently not on my home network is brutal. I often resort to simply viewing the needed password and painstakingly type it in (and I run with loooooong passwords)

    If I add or change a password on a desktop and don’t sync my phone before I leave, I get locked out of accounts. Two years rocking this setup it’s happened three times, twice I just said meh I don’t really need to do this now, a third time I went through account recovery and set a new password from my phone.

    Minor complaint:

    Sometimes Keepass2Android gets stuck trying to open the remote database and I have to let it sit and timeout (5 minutes!!!) which gets really annoying but happens very infrequently which is why I say just minor complaint

    All in all, I find the inconvenience of doing the personal setup so low that to me even a $10 annual subscription is not worth it

    • @[email protected]
      link
      fedilink
      English
      21 month ago

      Consider shortening your passwords. Random passwords longer than 20 characters is a complete waste of time.

      • @MajorasMaskForever
        link
        English
        1
        edit-2
        1 month ago

        To me 16 is long haha.

        I usually end up running with 16 characters since a lot of services reject longer than 20 and as a programmer I just like it when things are a power of two. Back in the Dark Times of remembering passwords my longest was 13 characters so when I started using a password manager setting them that long felt wild to me.

        I do have my bank accounts under a 64 character password purely because monkey brain like seeing big security rating in keepass. Entropy go brrrrrrrrrrrr

        • @[email protected]
          link
          fedilink
          English
          11 month ago

          Haha, yeah 16 is actually pretty long.

          I guess I’m just used to being forced 16 characters long passwords at long.

    • @[email protected]
      link
      fedilink
      English
      11 month ago

      I run a similar setup, but with syncthing as the syncing system. Every time I connect the phone to the charger it just syncs the database and I can even sync it outside the home network. Works like a charm. Worst case you get a sync conflict which is easy to solve.

    • @[email protected]
      link
      fedilink
      English
      11 month ago

      The way I get around the syncing issue is to set my syncthing to sync when my phone is charging so it’s very unlikely to not be in sync, or if I change a password on the PC I’ll plug my phone into a USB and it syncs straight away.

      I also use KeepassDX on Android and never have those issues.