Are you tired of entrusting your passwords and personal information to third-party services that may or may not have your best interests at heart? Are you ready to take control of your own data and security? If so, self-hosting a password manager might be the perfect adventure for you! It takes a bit of technical know-how and a whole lot of bravery, but the rewards are well worth it. Not only will you have the peace of mind that comes with knowing your sensitive information is being stored on your own servers, but you’ll also have the opportunity to customize your password management solution to suit your specific needs. In this blog post, we’ll delve into the world of self-hosted password managers and give you the rundown on some of the top contenders in the field. So if you’re ready to join the ranks of the self-hosting elite, read on!
You have to consider a few things before self-hosting a password manager:
- No downtime: You should have all passwords available with you at all times. That means no server configuration mishaps!
- Encrypted duplication: Multiple encrypted copies of all your passwords should exist, so that even if your server gives up, your passwords are still accessible on other devices.
- Easy and reliable sync: If your self-hosted password manager is unable to sync because you are on mobile NAT, then it’s a problem. You should not have to go home to sync the bank password!
Below is a list of a few self-hosted password managers that you can use. Out of these I have only used two. Yes, hosting password managers is no joke, and trying five would be a time-consuming endeavour. But no worries, I actually did not try the others because I found the one that passes all our requirements above!
Bitwarden
An open-source password manager that can be self-hosted using Docker or installed on a server. It offers a web interface, desktop and mobile apps, and browser extensions. This is probably the most used application by self-hosters at r/selfhosted. The application offers a top-notch UI on mobile, desktop and the web client. The passwords are stored on each client if you are using dedicated clients for each device. These clients then sync the passwords using the server. Once set up correctly, you can forget about it.
But if your server crashes or you have to reinstall everything, recovering the server could be a bit tricky. There is no reason to worry, because your passwords will still be available on the desktop and mobile apps, but you will not be able to save passwords until your server is up, and this is the reason I am not using Bitwarden. It’s a good application, but with a server there’s just too much overhead. You need to own a domain and set up SSL. Your client applications will not interact with the server until SSL is available. If you were using a separate database, recovering that can be a bit tricky depending on which database you use. If you choose to use self-signed certificates, then there is more overhead. It’s doable, but at the end of the day you just need easy access to passwords and you should not have to jump through all the hoops for that.
LessPass
An open-source password manager that can be self-hosted using Docker or installed on a server. It offers a web interface, desktop and mobile apps, and browser extensions. I personally have not used this but it’s an interesting one. This app does not use any database but instead relies on cryptography to derive your password for the site. This calculation can happen on any device, so all you need to do is remember the master password, which you enter into a self-hosted instance of LessPass, and it will give you the password you expect for the site. The idea is good, but the problem here is that it does not store usernames and is also not helpful with autofill. It just makes you copy the password. I understand it’s just a random string if another app chooses to read the clipboard, but still I don’t like the idea of keeping a password in the clipboard. Ideally I would prefer something like this, but it needs to have better auto-completion capabilities and support for username storage.
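The database-free derivation described above can be sketched as follows. This is an added example, not LessPass's own code or exact algorithm; the function name, the alphabet, the salt layout, the iteration count and the `login` and `counter` inputs are assumptions made for illustration.

```python
import hashlib

# Alphabet and iteration count are assumptions chosen for this sketch.
ALPHABET = ("abcdefghijklmnopqrstuvwxyz"
            "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "0123456789!#$%&*+-=?@_")
ITERATIONS = 100_000


def derive_site_password(master, site, login="", counter=1, length=16):
    """Recompute the password for a site from the master password alone."""
    if not master or not site:
        raise ValueError("master password and site are both required")
    if not 8 <= length <= 32:
        raise ValueError("length must be between 8 and 32")
    # Normalise the site so every device feeds identical bytes to the KDF.
    salt = f"{site.strip().lower()}|{login}|{counter}".encode()
    # Slow KDF: each guess at the master password costs ITERATIONS HMAC rounds.
    key = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, ITERATIONS, dklen=32)
    # Read the 256-bit key as one integer and peel off alphabet-sized digits.
    n = int.from_bytes(key, "big")
    out = []
    for _ in range(length):
        n, idx = divmod(n, len(ALPHABET))
        out.append(ALPHABET[idx])
    return "".join(out)


def demo():
    master = "correct horse battery staple"  # constructed sample value
    return {
        "laptop": derive_site_password(master, "example.com", "alice"),
        "phone": derive_site_password(master, " Example.com", "alice"),
        "rotated": derive_site_password(master, "example.com", "alice", counter=2),
        "other_site": derive_site_password(master, "example.org", "alice"),
    }


if __name__ == "__main__":
    for label, password in demo().items():
        print(f"{label:10} {password}")
```

Because nothing is stored, the master password is the only secret: changing it changes every derived password, and anyone who learns it can recompute them all.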
KeePass
A free, open-source password manager that can be self-hosted on a server or installed on a desktop or mobile device. It offers a desktop application and browser extensions, but does not have a web interface. The thing I like about KeePass is that it does not have a central server. Each device has its own encrypted password database that is managed by the application itself. The sync between devices can happen using a third party like Syncthing. Because there is no server, there is no overhead of SSL certs. Unlike Bitwarden, there is no separate database to manage. The only drawback I have observed so far with KeePass is the browser plugin, which is not as polished as Bitwarden’s, which I am sure will change with time. KeePass excels on all other fronts and has all the things we were looking for. It is our winner!
Others
In case you are not satisfied with the above, you can try the options below, which I have not personally tried but which are worth a try:
Passbolt: An open-source password manager that can be self-hosted using Docker or installed on a server. It offers a web interface, desktop and mobile apps, and browser extensions. It is more focused on teams than on a single user.
Padlock: An open-source password manager that can be self-hosted using Docker or installed on a server. It offers a web interface, desktop and mobile apps, and browser extensions.
It’s worth noting that self-hosting a password manager requires a certain level of technical expertise and resources, as you will need to set up and maintain the server or hosting environment. Additionally, self-hosting a password manager means that you are responsible for the security of your passwords and personal data, as you will be storing them on your own servers rather than relying on a third-party service. This is not really true when using KeePass, but still be careful while self-hosting in general!