It never made sense to me to put password managers in the cloud. Regards to what you intend it to do, you’re making it accessible to a wider audience than necessary. And yet, I’m using iCloud. It’s time for a change.

I’m thinking of just running a locally hosted password manager on my home server and letting my devices sync with it somehow when I’m at home. I have a VPN into my home network when I’m away that automatically triggers when I leave the house, so even that’s not that big an issue, but I’m really not familiar with what’s gonna cleanly integrate with all my stuff and be easy to use. All I know is I wanna kill the cloud functionality of my setup.

I already have a jellyfish server so I figured I would just throw this onto that. Any suggestions?

  • irmadlad@lemmy.worldEnglish
    8·
    5 hours ago

    I look at it like this:

    • I don’t absolutely trust the security of my server. Sure, it hasn’t had a breach…yet, but that possibility is inevitable, given the amount of bots that keep trying to get in by the minute. It’s secure, yes, but is it secure enough to entrust the keys to my bank account, my business ventures, et al? IF somebody got the key to my Lemmy account, it would be bothersome, but not cataclysmic since all online accounts are silo’d with only a couple that are linked.
    • Bitwarden spent a lot of time and money building a large infrastructure that is, imho, far more secure than my little server. Bitwarden has a pretty good track record. They have had some vulnerabilities, even as recent as '23 but these have been remediated.
    • Confirmation bias…I’ve been using Bitwarden for untold years now and have never had an issue, other than the recent UI theming schema that was so castigated by users that they offered a way to switch back.

    While hosting my own password manager would fit right in with the rest of my selfhosting, I think sometimes it’s better to defer to more secure options when dealing with highly sensitive data.