this post was submitted on 23 Apr 2026
534 points (99.6% liked)

Selfhosted

58725 readers
924 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
534
Bitwarden CLI distributed through NPM has been compromised. Bitwarden Statement on Checkmarx Supply Chain Incident. (community.bitwarden.com)
submitted 23 hours ago by versionc@lemmy.world to c/selfhosted@lemmy.world
91 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] mazzilius_marsti@lemmy.world 12 points 16 hours ago* (last edited 16 hours ago) (3 children)

lots of people recommend bitwarden, but i am more at peace with an offline password manager that i control like Keepass. You can also go the GNU route and use "pass" on Linux too

Or use a physical key like Yubikey to login

[–] Samskara@sh.itjust.works 2 points 9 hours ago

I use Enpass since 1Password became shit. It’s alright.

[–] aeiou_ckr@lemmy.world 9 points 15 hours ago (1 children)

Only if yubibkey worked for more than the handful of sites/services. I have one for my bitwarden as majority of places want to send a text or us totp.

[–] neclimdul@lemmy.world 1 points 6 hours ago

Also they only half work in Linux I guess? Something about not being able to create something.

[–] mlg@lemmy.world 6 points 15 hours ago (1 children)

I've been trialing Vaultwarden for a while and while I do like the server sync setup and clean web access, the Bitwarden browser plugin is just okay despite being an "enterprise" solution. It misses probably about 20% of websites when creating a new account, forcing you to grab the password from the generator history and make a new entry manually.

KeepassXC is much better in that regard, and it's almost as good as the default credential handler of Firefox, and it lets you set up a bunch of custom stuff to extend the functionality if you want. Plus it has some neat kbdx options aside from AES256.

Only downside is syncing, which I'm debating how I'll deal with something better than syncthing on android (protocol is great, android makes it a PITA to have a background process if its not Google spyware).

[–] KyuubiNoKitsune@lemmy.blahaj.zone 4 points 11 hours ago (1 children)

It misses probably about 20% of websites when creating a new account, forcing you to grab the password from the generator history and make a new entry manually.

This makes me so fucking angry. How can a password manager be so bad at storing passwords, it's like it's only job. It even is generating the password for you! Aaaaaaaaaaaaaah!

[–] moopet@sh.itjust.works 5 points 10 hours ago (1 children)

TIL about the generator history

[–] KyuubiNoKitsune@lemmy.blahaj.zone 2 points 9 hours ago

Not super helpful, because every time you open it, it generates a new one, so how do you know which one is the one it generated?