Hopefully we all know of the semi-recent LastPass breach, where a lot of customers had their encrypted vaults leaked. They were still encrypted, but your passwords were now possibly out there. My vault was also sadly leaked as well. Also, I don’t know why I used LastPass in the first place, since I pretty much just used the same password over and over again anyways.
Well I could just keep using the same password over and over again, but we all know that is really not a good idea. Also that password has been in like 5 different breaches, so it was time I actually cared.
I decided to self host my own password manager, Vaultwarden, an unofficial Bitwarden server written in Rust. I chose it because my Hetzner server only has 2GB of RAM and only 2 VCPUs, therefore I don’t really have the resources to spare. And I also chose self host since It’s really easy to setup, and I don’t have to worry about breaches.
Here Is How Its Been
Vaultwarden only uses about 25MB of RAM for me, which is a really small amount. The server uses the Bitwarden API so I can use any of the very well built Bitwarden clients, and they sync together flawlessly. It also supports TOTP, therefore I no longer have to use Authy, a proprietary service, to manage my 2FA. Even in the rare chance that my server goes down, the clients store an encrypted version of the vault locally, so I will never loose my passwords.
Overall, it was really easy to set up in docker, and everything has been smooth. So if you are looking at self hosting a password manager, look at Vaultwarden.