gchamonlive 4 hours ago

Yes, but vaultwarden isn't something you can casually run by yourself without some careful thinking. You are hosting secrets whose longevity is important, so if deploying yourself, take good care of backups and do regular drills, so you validate that the backups work, that they aren't corrupted and that you keep a copy off-site.

inexcf 3 hours ago | parent | next [-]

Me and some friends have each been hosting vaultwarden casually for years now. What problem do you see? I mean if the Server goes down and gets completely corrupted, worst case, all my devices still have the version of the vault they recently used. Technically every device has its own backup of the vault.

gchamonlive 2 hours ago | parent [-]

If I stay offline for more than 30 days, can I still access my local passwords? Honest question, because if that's the case it's nice, but I think you'd need to somehow authenticate before accessing your local vault.

inexcf 2 hours ago | parent [-]

Thanks for making me check. Did not know this: "Offline Vault sessions will expire after 30 days. Except for mobile client applications, which will expire after 90 days." But for me that is enough time to feel safe, still will do backups regularly.

hypeatei 4 hours ago | parent | prev | next [-]

You should be doing regular exports/backups of your vault regardless of how it's hosted. Bitwarden could go belly up tomorrow and lose all their stored vault data.

armchairhacker 4 hours ago | parent | prev | next [-]

Is there anything stopping a commercial Vaultwarden host?

dolmen an hour ago | parent | next [-]

That already somewhat exists.

Reimplementing the server side is the easy part.

But a commercial offer will need rebranding the client, and maintaining forks is much more involved. As long as Bitwarden publishes the sources ...

seanclayton 3 hours ago | parent | prev [-]

Competing with the authority bitwarden the company has over the bitwarden open source project. That's just the first thing off the top of my head. Very few people go to the competitor offering the exact same thing but with less say on the popular codebase.

unethical_ban 4 hours ago | parent | prev [-]

IMO a paper print-out of all passwords and backup codes is the most reliable backup. No bit-rot, no third party, and "degradation" is obvious - fire, flood, etc.

Theft is also usually obvious.

If self-hosting, keep at a separate location than your hard drives.
