Comment on Vaultwarden selfhosting, or bitwarden service?
anamethatisnt@sopuli.xyz 1 day ago
On the other hand, using bitwarden might require some level of trust. How much should I trust the company to use the free service?
How do I know if my passwords would be safe, not being exposed to the wide net?
Wouldn’t these questions be as true of the VPS service that hosts Vaultwarden as of Bitwarden?
If my internet at home was better I would be selfhosting Vaultwarden and use a full vpn on my laptop/phone/tablet when leaving the house.
Now I’m using KeepassXC with my home pc as the true source and syncing copies of the database to my laptop and phone.
observantTrapezium@lemmy.ca 1 day ago
No, you don’t need to trust the VPS provider. The VaultaWarden password storage is encrypted, and the master password is never transmitted to the server. The passwords are decrypted only locally on your device.
anamethatisnt@sopuli.xyz 1 day ago
How does that differ from Bitwarden?
observantTrapezium@lemmy.ca 1 day ago
To my knowledge it’s not supposed to differ.
If you trust that the client (which is open source) is doing what it’s supposed to do, security-wise I don’t think there’s a difference between self-hosting and using Bitwarden’s service.