Jesus, I'm tired of switching password managers.
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the link in Rule 8 for details.
-
AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post. )
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
KeePassXC + KeePassDX is probably the best option, with the downside of no way to sync easily (syncthing is probably the best option there)
I might switch back at some point, been getting frustrated with the bitwarden extension performance always being so poor.
Merge conflicts are a concern for KeePass, especially for those that don’t want to resolve them. Sync is difficult. AFAIK this is a very common issue with Syncthing setups.
Also, the portability from Bitwarden to KP leaves a bit to be desired, though that’s probably 90% on BW.
My first password manager was KeePassXC.
Hooked it up with Syncthing, and I've never had issues aside from the occasion database duplicate.
KeePass isn't going anywhere. They're also dragging their feet on passkey support, so you might go with KeepassXC.
Yeah, there was. It was forked because of that, actually: https://codeberg.org/ChiPass
Their AI policy looks very reasonable, and they certainly aren't vibe coding. Everything is rigorously reviewed and tested by a handful of experienced, competent humans.
That’s troubling, I don’t like what this portends.
The new CEOs background especially suggests they’re spiffing up the company for a later sellout, why else would they pick a merger specialist for the role?
I think the original title was more helpful because it shows that this is a recent development. Maybe you can add "new CEO"?
Bitwarden scrubs ‘Always free’ and ‘Inclusion’ values from its website as longtime execs step down
In February, longtime CEO Michael Crandell moved to an advisory role, according to LinkedIn, with no announcement from the company. His replacement, Michael Sullivan, former CEO of both Acquia and Insightsoftware, touts his experience with “all facets of mergers and acquisitions” on his own LinkedIn page, including experience working with leading private equity firms.
CFO Stephen Morrison also left Bitwarden in April, replaced by former InVision CEO Michael Shenkman. Both Crandell and Morrison joined the company in 2019. Kyle Spearrin, who started Bitwarden as a fun hobby project in 2015, remains the company’s CTO.
You're right, changed
Ah shit. Here we go again!
Can anyone say “Enshittification”!
Enshitification coming right up!
Well, poop.
This is why corporate promises can never be trusted, because a new CEO can change those promises on a whim.
It's part of why despite being interested in Beeper, I never signed up for it because I had questions about if those privacy promises they made would be kept if they sold to a bigger company... which they eventually did.
On the plus side Bitwarden already made an official open source self-hosted version, which can be forked and/or return to the community developed Vaultwarden roots.
Meanwhile KeepassXC keeps on chugging along.
FYI beeper is really just matrix with bridges. Once I realized that I set up my own and now I have the same functionalities as beeper, self hosted, with a choice of clients.
Has Vaultwarden said anything yet? I imagine that, if necessary, given that bitwarden's client is still open, at the point they choose to try and close it, we, the users, can fork it and establish it for vaultwarden, correct? Or, maybe even the vaultwarden team will think about forking it themselves and making a light client as well to pair with the current server.
But Vaultwarden can exist without "leeching" they just haven't needed to yet. That's more symbiotic than parasitic. The parasite class just took over Bitwarden after all.
They responded on reddit and walked some of it back as an "oversight": https://www.reddit.com/r/Bitwarden/comments/1tdvnh7/comment/olznwcv/. Allegedly, I'm too lazy to verify.
A change that would require intent to make is not a mistake or oversight.
This sucks. I committed to Bitwarden years ago and now am going to have to switch before they lock me in the garden.
They also haven’t addressed the removal of inclusion and transparency from their goals.
EDIT: They did. They said it’s “less of a priority”. The article I shared has been updated. I smell corporate bullshit though. “Oversight” this, “priority shift” that, they’d have to work hard to gain any trust back.

All hail the new Chief Enshittification Officer!
Goddammit. Why can't we have nice things?
Keep ass what though? /s
Move to KeePassXC or its recent LLM-free fork while you still can, because at some point Bitwarden is going to try to go closed-source again.
Oh crap, how's KeePass got an LLM involved‽ Time to look into this now...
I did find https://codeberg.org/ChiPass/ChiPass , but it looks like a very new project.
For once ADHD preventing me from completing a migration is a boon, I guess I'll move back to keepass

Clue me in on why vaultwarden can’t exist without it?
It can, but vaultwarden, as it currently is, is an implementation of the server only. So if bitwarden decides to go closed source all the way, they'd haver to start either creating their own clients or fork the current bitwarden clients.
I'm going to have to just write my own one of these fucking things aren't I?
Sad. Replaced everything with keepassxc + syncthing
Vaultwarden here I come
No, KeePass. Fully open source, no cloud involved in any way, unless you want something to sync your data (the server only ever sees your encrypted database - all encryption and decryption is done locally). You can also host your own sync server using any of a variety of different protocols.
Once again, enshittification by the fucking suits.
Early on I decided to use only KeePass for full personal control instead of an online service. Didn't regret making that decision.
Hoping for another Moonlight/Sunshine moment! Already running Vaultwarden, rbw, and Keyguard. Just need a simple FOSS browser extension for autofill and editing entries.
For context, Moonlight was created first as a FOSS Nvidea gamestream client. Then Sunshine was created as a FOSS server implementation. Later, Nvidia dropped "official" support, now the two projects are a FOSS stack built atop a formerly proprietary protocol.