Currently I manage my passwords in an archaic but secure way, which is simply to synchronize a directory where I have my Keepass database between my devices, and I say archaic but secure because even if my Nextcloud server hosted on a VPS explode (where I have the database stored) I still have the databases stored locally, so I don’t lose anything.

I am currently interested in self hosting Vaultwarden although my biggest drawback is the fact that if my VPS were to fail for example I would not be able to access my database and if I lose access to the database I lose access to all my passwords. a pretty bad scenario.

So I have a question, what can I do to prevent that from happening? Apart from hosting everything on my own hardware of course, for now I prefer to use VPS for different reasons.

  • @PriorProject
    link
    English
    3
    edit-2
    10 months ago

    So I have a question, what can I do to prevent that from happening? Apart from hosting everything on my own hardware of course, for now I prefer to use VPS for different reasons.

    Others have mentioned that client-caching can act as a read-only stopgap while you restore Vaultwarden.

    But otherwise the solution is backup/restore. If you run Vaultwarden in docker or podman container using volumes to hold state… then you know that as long as you can restart Vaultwarden without losing data that you also know exactly what data needs to be backed up and what needs to be done to restore it. Set up a nightly cron job somewhere (your laptop is fine enough if you don’t have somewhere better) to shut down Vaultwarden, rsync it’s volume dirs, and start it up again. If you VPS explodes, copy these directories to a new VPS at the same DNS name and restart Vaultwarden using the same podman or docker-compose setup.

    All that said, keeypass+filesync is a great solution as well. The reason I moved to Vaultwarden was so I could share passwords with others in a controlled way. For single-user, I prefer how keypass folders work and keepass generally has better organization features… I’d still be using it for only myself.