Bitwarden is one of the best password managers, period. It’s available for free, unless you require additional premium features not included with the extensive free plan, and it can even be self-hosted from your home using network-attached storage (NAS) or single-board computer (SBC). I recommend using this password manager and Bitwarden’s cloud backend, but if you wish to self-host as much as possible, I’ve compiled some reasons why you should (and shouldn’t) attempt to do so with this app.
What is Bitwarden?
Bitwarden is one of the available password managers, offering a means to safely store credentials in the cloud and provide convenient access with support for multiple platforms. We’ve been using accounts and passwords for decades now, and still some fail to safeguard their logins from potential attacks. There are people out there who wish to gain control of your data and accounts, so we must use all available tools to shield ourselves against potential attacks. Bitwarden is one such option with the ability to create randomly generated passwords and securely store everything.
A single password manager such as Bitwarden can store thousands of credentials, notes, and more, allowing you to keep all your most valuable data locked away with a single memorable password. Enable two-factor authentication (2FA) and you’ll have a secure vault of passwords. I’ve tried and tested countless password managers but keep coming back to Bitwarden due to its security architecture, availability, reliability, and performance. That said, I’ve recently started self-hosting Bitwarden for testing purposes and opted to make the switch from its free cloud platform.
Related
Why you should have been using Bitwarden since yesterday
Keep all your passwords safe with this open-source, cross-platform manager.
Why should you self-host Bitwarden at home?
Self-hosting Bitwarden is great for learning new things, it brings all your data under direct control, and ensures you’re getting the most out of the available features without spending a penny. Using cloud platforms such as Bitwarden, where only you can decrypt your password vault, is perfectly fine for most people, but self-hosting Bitwarden is possible, and so long as you’re tech-savvy enough to maintain it (and a secure network), there are some rewarding benefits of doing so.
You have full control over your data
Whenever you talk about self-hosting anything, this is always the number one point. Taking full ownership of not only creating data, but also storing and even hosting it is one way to ensure it’s secure. By self-hosting a password manager and vault, you won’t ever ponder where your data is stored. You know precisely where it’s located within your home network. This has plenty of advantages, but there are a few downsides since you will be in control of security and backups.
Taking full ownership of not only creating data, but also storing and even hosting it is one way to ensure it’s secure.
Also, should your network or power supply be affected by situations outside of your control, you’ll lose access to the vault until they’re reestablished, and you’ll have to fend off questions and support requests from family members within the household.
You’ll learn something new
If you have an SBC or NAS available with a Docker container manager pre-configured, you’re almost ready to roll. There’s an excellent unofficial server implementation of Bitwarden, using the available API, called Vaultwarden. It’s actually pretty easy to configure, once you’ve launched a few containers and know your way around deployments. But as noted already, configuring your entire network to be robust and secure, yet allow for public connections so you can use the Bitwarden instance away from home is a whole different matter.
Related
4 reasons self-hosting your password manager might be the safest option
It’s only as secure as it’s setup, though.
Why you probably shouldn’t self-host Bitwarden
I wouldn’t recommend everyone to self-host Bitwarden from home since it’s likely not going to result in a good time. Configuring Bitwarden in a self-hosted instance isn’t straightforward, and neither is configuring your local area network (LAN) to allow for secure incoming connections to access the vault. Using a VPN or NGINX with SSL and reverse proxies is one way to achieve this, but you should proceed with caution as incorrectly configuring your network could have dire consequences … and not just for your Bitwarden installation.
Maintaining a secure (and open) network isn’t easy
Configuring your home network to be open yet secure can prove challenging, particularly if you don’t know what you’re doing. Most ISP routers won’t have some of the necessary features to safely open up specific parts of your LAN to outside connections without causing problems. Even OPNsense requires you to read through the documentation carefully, install a few plugins, and make changes in various parts of the firmware to make everything work. You’ll also need to be proactive with patches and updates.
Configuring your home network to be open yet secure can prove challenging, particularly if you don’t know what you’re doing.
If you get this vital step wrong, you could be unintentionally opening up your LAN to attacks and making everything connected to your network vulnerable. Tread carefully if you’re willing to take the risk.
Bitwarden’s cloud service is very secure
Bitwarden and many other password manager hosts have robust data protection measures in place. All your data will be backed up, and those backups will be backed up somewhere else. Being on cloud infrastructure (Bitwarden uses Microsoft Azure), you’ll likely never have any availability issues relating to connectivity. Bitwarden should work today, tomorrow, and the day after — unless the company folds, which is unlikely (for now). Bitwarden (among others) also conducts third-party audits to ensure everything is tip-top.
Your home utilities could fail
It’s unlikely you have a backup power supply to maintain electricity to your property for hours if the worst should happen and you lose connection to the grid. If your ISP’s link drops for some reason, you’re all out of luck, whereas a cloud-based Bitwarden instance will remain online even if you have outages at home. Companies that run password managers also invest heavily in infrastructure to avoid downtime. This is something that will be almost inevitable with a self-hosted Bitwarden installation.
