this post was submitted on 15 May 2026
542 points (99.5% liked)

Selfhosted

59227 readers
1109 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
542
Bitwarden's new CEO has a Private Equity background, removed 'Inclusion' and 'Always Free' from their website -- because of course he did (www.fastcompany.com)
submitted 12 hours ago* (last edited 10 hours ago) by german@pawb.social to c/selfhosted@lemmy.world
125 comments fedilink hide all child comments
 

In the latest episode of "they will always sell you out" - they sold you out! Who would've thought.

Hoping for a good alternative client to appear, the writing is on the wall. Vaultwarden can't exist without "leeching" off of Bitwarden.

you are viewing a single comment's thread
view the rest of the comments
[–] RonnyZittledong@lemmy.world 152 points 11 hours ago (5 children)

Jesus, I'm tired of switching password managers.

[–] MangoPenguin@lemmy.blahaj.zone 42 points 10 hours ago (5 children)

KeePassXC + KeePassDX is probably the best option, with the downside of no way to sync easily (syncthing is probably the best option there)

I might switch back at some point, been getting frustrated with the bitwarden extension performance always being so poor.

[–] Resonosity@lemmy.dbzer0.com 6 points 3 hours ago (1 children)

My first password manager was KeePassXC.

Hooked it up with Syncthing, and I've never had issues aside from the occasion database duplicate.

[–] Flagstaff@programming.dev 1 points 8 minutes ago

Right, and it has a neat merge-database feature anyway, so no excuses for those holding back!

[–] auntieclokwise@lemmy.world 2 points 4 hours ago

I use KeePass with KeeAnywhere. KeePass can natively sync over network share, FTP, or WebDav. With plugins, it can sync over SSH, FTPS, Amazon S3 compatible buckets (including open source compatible versions you host yourself), Azure, Box, Dropbox, Google Drive, OneDrive, and more.

[–] elaina@lemmy.zip 2 points 5 hours ago

Yeah the performance is what made me install the desktop app, but then it's 1gb in size

[–] german@pawb.social 4 points 7 hours ago (2 children)

Merge conflicts are a concern for KeePass, especially for those that don’t want to resolve them. Sync is difficult. AFAIK this is a very common issue with Syncthing setups.

Also, the portability from Bitwarden to KP leaves a bit to be desired, though that’s probably 90% on BW.

[–] eli@lemmy.world 2 points 3 hours ago (1 children)

I've been using KeePass with Syncthing for 5+ years now and I think I've only had a sync issue once in all this time.

Granted I do make sure I only use the database on one device at a time (so not making edits on desktop and my phone at the same time) and I'm using XC and DX clients not the OG KeePass program.

I'm curious what is causing sync issues to make it "common", I use my db every day.

[–] german@pawb.social 1 points 45 minutes ago* (last edited 43 minutes ago)

Yeah, it’s not an uncommon use case to accidentally or even intentionally edit the database on two online devices - I do it all the time when I want a new login to be used on my laptop right after I signed up for some new website on my PC, and the laptop just happens to have an “unpushed” change from last evening, or I edit the new login’s metadata, or whatever.

With this, I’d have to keep a mental model of the versioning of each database and avoid even touching my phone like the plague if KeePass is open on my computer.

It’s not that big of a deal, it’ll probably be a problem once every few months, but it’s annoying to keep track of and worth talking about.

[–] elmicha@feddit.org 2 points 5 hours ago

I'm using Keepass2Android (and KeepassXC). It can copy the database from/to an sftp server, so it can easily merge the entries. I don't have the sftp server exposed to the Internet, because when I'm not home, nobody will change the database at home.

[–] tremble5218@programming.dev 3 points 8 hours ago

Rclone with any cloud provider is another great option that's seldom mentioned. I posted my setup as a comment on another post. You may find it here - https://programming.dev/comment/23849767

[–] slate@sh.itjust.works 21 points 11 hours ago (3 children)

KeePass isn't going anywhere. They're also dragging their feet on passkey support, so you might go with KeepassXC.

[–] zeitverschreib@freundica.de 11 points 11 hours ago (2 children)

@slate

Wasn't there some commotion a few weeks about KeepassXC and vibe coding?

@RonnyZittledong

[–] blackbrook@mander.xyz 3 points 6 hours ago

Their AI policy looks very reasonable, and they certainly aren't vibe coding. Everything is rigorously reviewed and tested by a handful of experienced, competent humans.

[–] Dumhuvud@programming.dev 24 points 10 hours ago (2 children)

Yeah, there was. It was forked because of that, actually: https://codeberg.org/ChiPass.

[–] wiccan2@thelemmy.club 1 points 7 hours ago

Link gives 404

[–] eightys3v3n@lemmy.ca 8 points 10 hours ago (2 children)

They also don't effectively allow collaboration though, which is my cheif reason for using a cloud hosted password manager.

[–] Flagstaff@programming.dev 4 points 9 hours ago (2 children)

What is "collaboration" in this context?

[–] eightys3v3n@lemmy.ca 5 points 7 hours ago (1 children)

Sharing passwords between groups of people so everyone always has the up to date version. Not breaking the world if two people try to modify the same entry as some file syncing solutions do.

[–] Flagstaff@programming.dev 0 points 7 hours ago (1 children)

Hmm, interesting, though isn't that a fault of the organization not having an account-linking system so that each person could have their own credentials but can still access the unified content? This workaround seems... flimsy, unless I'm not picturing a legit scenario in which no other method is as good, or something.

[–] FreedomAdvocate@lemmy.net.au 1 points 5 hours ago (1 children)

You know why most cloud based services charge money? For stuff like this, because it’s not free to implement and maintain.

Easy and fault-proof password sharing and syncing needs software and hardware to do. You either set it up and maintain it yourself, or pay for a product that does it - like Bitwarden.

[–] Flagstaff@programming.dev 1 points 9 minutes ago* (last edited 8 minutes ago)

But your argument falls apart against something like Syncthing's discovery networks combined with send-/receive-only folder types, which use no cloud yet allow the automatic, passive propagation of file updates to different users' devices... right? No cloud, no self-hosting, yet automatic syncing across multiple devices...

[–] Viceversa@lemmy.world 4 points 7 hours ago (1 children)

Parallel creating, reading, updating, deleting password entries by multiple users.

[–] Flagstaff@programming.dev 1 points 7 hours ago

Whoa, thanks. I had no idea this was a thing...

[–] frongt@lemmy.zip 2 points 8 hours ago (1 children)

Sure they do. Multiple people can have a file open at the same time. I use it for exactly this every day at work.

With KeePassXC, that is. I don't know if other flavors have different support. I use XC primarily for the browser extension.

[–] eightys3v3n@lemmy.ca 2 points 7 hours ago (1 children)

And you can both modify the same things without causing horrible conflict issues? And you can share only parts of your vault with someone rather than having entirely different vaults you have to switch between? I'm assuming you mean putting the file somewhere like Google Drive, and you can access it offline even if you can't edit it offline? For feature parity with Bitwarden, obviously ideally one could edit any time and it would resolve problems when it came back online if there were any but Bitwarden doesn't allow this.

[–] frongt@lemmy.zip 1 points 7 hours ago (1 children)

Yes, no conflicts. I don't know if you can only share part of vault; I just created a separate one for a separate team.

I wouldn't put it in Google Drive or anything like that. The separate sync logic will definitely cause conflicts.

I'm not worried about having access if I'm offline, because if I'm offline I'm not going to be able to log into anything anyway.

[–] eightys3v3n@lemmy.ca 3 points 7 hours ago* (last edited 7 hours ago) (1 children)

I guess a laptop, server, IoT device, or WiFi connection when your main device doesn't have internet is out of scope for you?
Like fixing my laptop and not wanting to type the new password into my phone instead of copy/paste, sync when online?
And how are you sharing a file, to multiple people anywhere in the world realtime ish, without a cloud service you or someone else hosts? Doesn't that necessitate some syncronization logic?

[–] frongt@lemmy.zip 1 points 7 hours ago

It's hosted on a local network share, so we don't need Internet access.

If can't copy paste, I just type it out.

We use a VPN to the office.

[–] Flagstaff@programming.dev -1 points 9 hours ago* (last edited 9 hours ago) (1 children)

They’re also dragging their feet on passkey support

As... they... should, forever.

[–] 4am@lemmy.zip 8 points 8 hours ago (1 children)

Two articles behind a paywall, one that won’t load, and another article that says the big problem with passkeys is…people are unfamiliar with them.

If anyone tells you that Passkeys are bad, they’re a liar. Way more safe than passwords, full stop.

Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.

[–] Flagstaff@programming.dev 1 points 6 hours ago (1 children)

Are you calling me a liar? That's pretty weird; it's not like I'm telling you to stick to passwords while I move to passkeys. With that said, though, get Bypass Paywalls Clean (Mozilla-only, as far as I know) and you'll never see another paywall again. I forgot about having that.

Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.

The problem is that this is where it's eventually going to lead to.

[–] fushuan@piefed.blahaj.zone 1 points 5 hours ago

Not really, Vaultwarden/bitwa4den offer passkey support. When I log into a service a popup shows on my extension, I click it and I'm in. It's not gonna lead to device locking if you don't want to...

[–] Speculater@lemmy.world 2 points 8 hours ago (2 children)

I just got Bit warden this year! Gah. Where are we jumping?

[–] testaccount789@sh.itjust.works 5 points 7 hours ago

Full circle to sticky notes on monitor.

[–] roofuskit@lemmy.world 1 points 6 hours ago

Vaultwarden

[–] tordenflesk@lemmy.world 7 points 11 hours ago (1 children)

Took me like 5 minutes to move back to KeepassXC.

[–] duckshuffgoose@piefed.social 1 points 4 hours ago

i want to switch back to KeepassXC, but I very heavily use aliases in Proton Pass and can't figure out a good way to still create those on the fly AND use Keepass as my default pass provider