Asklemmy

42527 readers

1761 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

326

What single item improved the quality of your life over you got it? (Buyed it/got as present/made it) (lemmy.zip)

submitted 8 months ago by [email protected] to c/[email protected]

493 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 8 months ago (1 children)

I would not self host a password manager, simply because I don't want running something like that on a 24/7 online server.

Still, if I needed to run a password manager on a server, I would rather self host it than use a hosted service from someone else.

In my opinion, running such a service commercially is a much harder problem than self hosting it and has a much bigger attack surface.

This is IMHO what many people do not understand about hosting as a service vs. self hosting: The full time DevOps/Admins etc. people who work at the hosting service are hopefully better than me at hosting stuff. At the same time the problem they have to solve is so much harder than self hosting, that even if they are 10x as good as me, running my own little service with a firewall, rate limiting and monitoring should at least not be less secure.

[–] [email protected] 6 points 8 months ago* (last edited 8 months ago) (1 children)

In my opinion the risk of something killing my server and wiping my passwords out is much much scarier than the prospect of a semi competent company hosting them getting hacked. Like several orders of magnitude scarier.

[–] [email protected] 3 points 8 months ago

Fair enough!

As I said, I would not host it myself.

My solution is much simpler and more redundant: A KeepassXC file backed up to different physical locations and 2 different cloud providers.

If I ever forget my password, I am totally screwed. :-P ... but OTOH an event which would lead to the deletion of all of my backups at the same time would be extinction - level. ;-)