If you're gonna self host Vaultwarden, your backup solution better be legit af
Discussion
Let's run the password manager on nostr
Shit, I didn't consider that. I was just about to set it up. How safe do you consider saving passwords in Firefox? Except for the important ones like email and banking
I don't know much about Firefox, in general I don't trust any browser to save any passwords.
Any recommendations in this regard? I'm staring at my RPI waiting for the SD card to give out and take my passwords with it.
3 2 1 rule
3 copies
2 devices
1 off-site
I've always felt sketchy about backups, I never know if the right data is backed up! Should I just export the vault to flash drives?
No that's too sketch, it needs to be encrypted. One to a flash drive, one to the cloud.
MUST be encrypted.
VeraCrypt or just an AES-256 string are good starts
I'm too scared
Yeah I considered this. Decided to keep it simple and let Bitwarden handle the server side. After all, it is E2E encrypted.
Plus I'd have to use Tor on all my remote devices to access my vault if self-hosting. Start9 does not have something like Tailscale, yet...
I think you can use a Cloudflare tunnel to do it.
Yes, Bitwarden can't rug your password, but they can fuck up and lose your data or go bankrupt; still better to self host if your setup is legit
I have a cron that zips and encrypts the data folder, and sends it up to cloud storage several times a day and keeps 2 weeks of backups.
You could really screw yourself royally. You'd need to make sure you have a backup off-site too
I'm self hosting Passky and yeah if that computer takes a shit I'm screwed
Very important point. However, there is some fault tolerance distributed between the number of Bitwarden clients you have running at any given time.
For example, if your Vaultwarden server has a catastrophic failure and you don't have it backed up (for whatever reason), you can use the latest sync of the encrypted local version of the vault on your phone and export the vault file.
Same applies to your browser extension etc.
Not to diminish the importance of the sentiment.
Sounds like it's still worth it.