Switched from 1password to vaultwarden, no looking back.
this post was submitted on 27 Apr 2025
94 points (95.2% liked)
Selfhosted
46376 readers
767 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Been selfhosting the official Bitwarden stack for the last 7 years now and it's been running great.
I also use keepass and syncthing
Vaultwarden over tailscale has been good to me.
I do have a qualm with how easy it is to accidentally close bitwarden before saving a password and losing the password you just generated. But that's just taught me to not zip through the process
Keyguard, which works on Bitwarden-compatible servers like Vaultwarden
I wish I had the confidence in my security provisions to self host my secrets on the internet. I do use bitwarden, but that is local to my machine. It works good for me, as my memory is shit. About the only thing I could say against Bitwarden is that the recent theme change was a huge mistake and caused a lot of people a lot of stress. Insomuch as the public outcry against the new theme was so great, they switched back to the old theme. Whoever created the new theme had to have been a sadist.
I keep vaultwarden behind a vpn so it's not exposed directly to the net. You don't need a constant connection to the server; that's only needed to add/change vault items.
This does require some planning though; it's easy to lock yourself out of your accounts when you're away, if you don't incorporate a backdoor of some kind to let yourself in in an emergency. (lost your device while away from home for example)
My normal vpn connection requires a private key and a password that's stored in my vault to decrypt it. I've setup a method for retrieving a backup set of keys using a series of usernames, emails, passwords, and undocumented paths (these are the only passwords I actually memorize); allowing me to reach vaultwarden where I can retrieve my vault with the data needed to login to everything else properly.
if you don’t incorporate a backdoor
I've often thought about this, and since it has come up in convo, I'll ask: If you were to implement a backdoor to your server, how would you go about that? Currently I have 3 vps and one rack in the closet. It is the vps I'm interested in the most. Only one vps offers a rescue ssh, and yes I can confirm, if you are not exceedingly careful on my setup, you can lock yourself right out. I run tailscale on everything and I often wondered if I could incorporate tailscale as a emergency backdoor.
Most of my web services are behind my vpn, but there are a couple I expose publicly for friends/family to use. Things like emby, ombi, and some generic file sharing with file browser.
One of these has a long custom path setup in nginx which, instead of proxying to the named service, will ask for http basic auth credentials. Use the correct host+path, then provide the correct user+pass, and you'll be served an openvpn configuration file which includes an encrypted private key. Decrypt that and you've got backdoor vpn access.
psono password manager from germany, you can self host it and it's open source
they also give you really good, free support, even when you don't pay them anything
Interesting, I had not heard of Psono before, cool to see a European alternative that is fully open source. I'm currently self-hosting Vaultwarden but I might give this a try to see how it holds up.
Enpass works well for me.
That's androids fault. Their login input detection is spotty, and has been for a while now. https://9to5google.com/2024/10/06/android-autofill-password-manager-problems/
That makes sense. I've seen the same behavior as OP. Usually when it happens, I open the Bitwarden app manually, and naturally when I switch back the detection is working normally again.
Usually that does the trick for me too; but this morning it just would not cooperate no matter what I tried.
Seems to be playing ball again, for now.
I have a feeling this is more to do with Android/Google not wanting to give up control more than anything. If googles stuff always works, but third party stuff is mysteriously always glitchy; users are going to gravitate to google and their ever growing monopoly...
Vaultwarden is pretty much the standard if you're talking about self-hosted.
I've honestly never had a single issue with the Android app, or mobile extensions for Firefox. What's your setup, and have you tried completely evacuating local storage and redoing your login and sync from scratch? There are a lot more mobile updates that can cause locally stored versions of things to cause problems.
The native rewrite of the Android app is butter smooth. I think it's still technically in beta, but I've been using it for more than a year.
Also, I don't think I ever use the pop-up on mobile. Instead, I use the button on my keyboard. Gboard and FUTO Keyboard both show bit warden buttons at the top when I'm on a logon page
I use keepass+syncthing.
One of those things that has been there for years, works flawless, to the point that I've stopped thinking about it.
I do similar, except nextcloud and backups beyond just syncing. I fear something corrupting my database and that syncing immediately through all my devices.
Same here, and I don't really suffer from the sync conflicts all that much (as I have seen someone else mention in this this thread) as I mainly make changes from a single device, with the exception of TOTPs that only let you scan a QR code.
Depends.
Do you want to share passwords with other users? Vaultwarden.
Anything else? Keepass and Syncthing.
I personally host it for my family to share the netflix password or the password for our energy provider. So I use Vaultwarden.
I use KeePassXC. I have to sync it myself between devices (I use pCloud, syncthing and rclone). They have an android app that works great and there is an iOS app as wellapp, Strongbox. I’ve looked at replacing it a few times but nothing gave me the customisation Keypass offers.
keepass
it's technically no password manager but an encrypted file format.
there are dozens of apps that will work on any platform, including soft keyboard with "password" button for smartphone that will just work everywhere and browser extensions, static website, apps that allow you to use your yubikey to unlock and anything else. you can host your vault anywhere including a google drive or your own webdav or ftp server and keep local copies on your devices synchronized...
Wait so I use keepass too. Why is it not technically as password manager
I believe they're argueing, as it can store more than passwords, it's not purely a password manager.
Its an encrypted keyring idk what they're talking about
This is not normal, that is not working at all. Repair instead of switching to other manager
I tried. I couldn't get it to work again, so wanted to look at other options alongside looking for help/solutions.
But just as it decided to stop working, despite my efforts; it's suddenly started working again.
Sigh...
Agree with others, Vaultwarden is probably your best bet. I've found the default app to be a little flaky, but ended up using Keyguard, which I've found really good.
I used to use Keypass+Syncthing, but found sync conflicts too often (due to Syncthing support for Android), hence the switch.
I've been using keyguard for a while now its much smoother then the native bitwarden app and allows multiple vaults which is nice when syncing personal/work vault for example.
That's an interesting option. It's the Bitwarden app I've been having issues with; though I'm not sure how much of that is Bitwardens fault vs Android itself.
I'll give that a look, thanks :)
I've been using "passwords" on nextcloud for a few years now. Minimal issues with the app, moving apps, and browser extensions. Not perfect, but hey it's self hosted and reliable.
The autofill popup has always been unreliable for me on Android (with Bitwarden)
I use the quick settings tile most of the time instead
Thank you! You gave me the hint I needed.
I didn't know there was a quick setting button (the buttons in the notification tray) and have been struggling to find the accessibility options people have mentioned.
That button in the tray seems so much more reliable. Thanks again!
Same for me, and I use the button in my quick settings as well.
I use Bitwarden, which I'm fairly sure is the same product. Perhaps the issue lies with the app you're using to login rather than the manager? For example, Bitwarden works well on at least Chrome and Brave, but rarely on Ecosia.
Bitwarden and Vaultwarden are different products. Vaultwarden is API-compatible with the Bitwarden client apps, but it's a completely separate project.
Both are self hostable. Bitwarden is designed for large deployments (like companies with tens of thousands of employees) so the design is very different to Vaultwarden which is designed for small deployments.
Vaultwarden is just a self-hosted server for Bitwardens clients. It's Bitwardens android client I've been having issues with.
I used to self-host Bitwarden but switched to Vaultwarden a while back.
In the Bitwarden Android app, make sure all the autofill settings are enabled, including accessibility (which helps with autofill in apps that don't officially support it). Sometimes, system updates seem to disable them.
Also note that Android apps need to explicitly support autofill. Not all apps do. The "use accessibility" option is supposed to help with apps that don't officially support autofill.
You can open the browser extension menu and press the fill button. The autofill never seems to have worked here on my mobile Firefox 🤷
In theory you can also self-host Firefox sync, but well... there seem to be issues with that.
I use Bitwarden (as far as I know these are basically the same) and have had issues with the app too, from long delays before it autofills, to the popup jumping around the screen or vanishing after 1ms, to just never showing up on some screens. I would recommend trying some of the other autofill options they provide in settings to see if they work better for you. I have had much more luck with "inline autofill" than the accessibility-based autofill, but currently keep them all enabled and the experience is much smoother than it was a year ago.