milkglass 6 hours ago

Just use vaultwarden https://github.com/dani-garcia/vaultwarden

esperent 6 hours ago

Do you have to self host it?

I'm moderately decent at self hosting. I'm fairly confident in my backups and security.

But also, I am not a system backup nor security expert, and I don't want to become either.

The one last thing that I really want to leave to the experts is my secrets management.

cornell532 an hour ago

I like Elestio for managing devops of self-hosting. I don't want to do backups, monitor and fork git repositories for updates, etc. It's non-trivial. My time is scarce.

However, I'm extremely reluctant to give my password database hosting to ANYONE. I feel like this is something I need to "own" myself. Perhaps on Coolify, Dokploy, or on a Raspberry Pi with regular backups hosted at my home or office. This is extra work that I'm not eager to do; and frankly, it goes against my philosophy of outsourcing "commodity" work to which I'm ill-equipped to add substantial value.

On the other hand, password managers are the most sensitive software I can imagine.

Lastly, sharing passwords with my wife, coworkers, etc. is genuinely very valuable. Either of us can update, maintain, etc. our shared set of passwords. Last I looked, KeePass and its ilk cannot replace that functionality.

nathanmills 5 hours ago

You don't need to be a system backup expert to take backups, and with that attitude you will never become a system backup novice either. There is no guarantee paid services will keep your data available either. One company lost my data and I was very glad to have backups.

thunderbong 6 hours ago

This uses the Bitwarden client and extensions, which is its main attraction (I use it too).

My worry however is about the future - what if a core functionality goes behind a paywall?

gigel82 3 hours ago

I do, but this still uses the Bitwarden app and browser extensions. I'm now worried that in pursuit of monetization they'll start screwing with those. After all, the code in the clients has access to all recorded secrets and there would be nothing stopping them from accessing that unencrypted data.