Vaultwarden allows a bit of downtime, the vault is cached by the clients

When the server is not reachable, no writes are allowed

I enjoy self hosting, but what tipped the scales for me in favor of using Bitwarden’s servers is that I’m 100% confident I’m not as good as hardening my system from being compromised as they are. The vault is going to be encrypted anyway, and I think there’s a lower chance of it falling into the wrong hands if it’s hosted with Bitwarden. Same reason I don’t self-host email.

Plus Bitwarden is a cool company and the product is open source, and the premium features are unreasonably low priced.

Maybe worth to mention that bitwarden also propose bitwarden.eu to host data in Europe. I’ve used bitwarden.com for years, and switch to bitwarden.eu a few month ago because of reasons, you know…

Bitwarden is dirt cheap. I can never host and be as reliable as they are for that price.

One little bonus for using Vaultwarden is that you get access to premium features for free. But still, I put availability much higher when it comes to password management, so I would go with paid Bitwarden. That is what I did before moving to Keepass.

add keepassxc to the list. I’ve avoided it for the longest times because I remember the horror that was the OG keepass. this is modern software, minimal footprint (miniscule compared to bitwarden’s electron crap), easy to use, the db is one file that’s easily syncthing-ed around, browser extensions, etc.

I self host vaultwarden and its great. Its an easy self host, and in my experience, it has never gone down on me.

That being said, my experience is anecdotal. If you do go the vaultwarden route, realize that your vault is still accessible on your devices (phone, whatever) even if your server goes down, or if you just lose network connectivity. They hold local (encrypted at rest) copies of your vault that are periodically updated.

Additionally, regardless of the route you take you should absolutely be practicing a good 3-2-1 backup strategy with your password vault, as with any other data you value.

If I get hit by a bus, then the passwords for the things that my wife needs to settle things gets sent to her, and the infra isn’t something that I maintain and could be down.

Worth $10/yr, by far.

If in the future you think you might bring family/relations onboard to the password manager, it may be worthwhile to pay for a BitWarden family plan. BitWarden is really low-cost and they publish their stuff as FOSS (and therefore are worth supporting), but crucially you don’t want to be the point of technical support for when something doesn’t work for someone else. Self-hosting a password manager is an easier thing to do if you’re only doing it for yourself.

That said, I use a self-hosted Vaultwarden server as backup (i.e. I manually bring the server online and sync to my phone now and again), and my primary password manager is through Keepassxc, which is a completely separate and offline password manager program.

Edit: Forgot to mention, you can always start with free BitWarden and then export your data and delete your account if you decide to self-host.

Do you have a proper backup solution? If you have a catastrophic data error, can you still recover? If not, just choose the hosted infrastructure.

Self-hosting is great. I love it. But when it comes to critical things that you absolutely cannot fuck up, I would rather trust a consumer based solution. If you fuck up your passwords and they’re gone, it’s going to hinder you significantly more than losing sleep about some rando having all your passwords if they break scrypt encryption.

I self-host Bitwarden, hidden behind my firewall and only accessible through a VPN. It’s perfect for me. If you’re going to expose your password manager to the internet, you might as well just use the official cloud version IMO since they’ll likely be better at monitoring logs than you will. But if you hide it behind a VPN, self-hosting can add an additional layer of security that you don’t get with the official cloud-hosted version.

Downtime isn’t an issue as clients will just cache the database. Unless your server goes down for days at a time you’ll never even notice, and even then it’ll only be an issue if you try to create or modify an entry while the server is down. Just make sure you make and maintain good backups. Every night I stop and rsync all containers (including Bitwarden) to a daily incremental backup server, as well as making nightly snapshots of the VM it lives in. I also periodically make encrypted exports of my Bitwarden vault which are synced to all devices - those are useful because they can be natively imported into KeePassXC, allowing you to access your password vault from any machine even if your entire infrastructure goes down. Note that even if you go with the cloud-hosted version, you should still be making these encrypted exports to protect against vault corruption, deletion, etc.

I had a similar dilemma and just went with bitwarden because I don’t trust myself not to fuck up. Bitwarden can’t access the passwords without my master pw (afaik) so I feel safe knowing that. I use it on all my devices so it gets synced there and even if the service is down, I have my passwords.

I’ll self host it when I reach the next level of paranoia.

I self host as well as use bitwardens service.

I pay $10 a year, and never have I had access issues with it.

My self hosted instance houses everything for my other self hosted services.

I can also have my Bitwarden duplicated to my self hosted instance.

However, the only way to access my Vailtwarden instance is via my network. And for my use case, this is perfect.

Neither of them have I had any downtime; like others have said it’s anecdotal.

I’d throw in option 3: use a KeePass2 database, sync it using whatever sync tool you like (SyncThing, iCloud, NextCloud, WebDAV, …) and use compatible apps (KeepassXC, Strongbox, etc.)

On the other hand, using bitwarden might require some level of trust. How much should I trust the company to use the free service?
How do I know if my passwords would be safe, not being exposed to the wide net?

Wouldn’t these questions be as true of the VPS service that hosts Vaultwarden as of Bitwarden?
If my internet at home was better I would be selfhosting Vaultwarden and use a full vpn on my laptop/phone/tablet when leaving the house.
Now I’m using KeepassXC with my home pc as the true source and syncing copies of the database to my laptop and phone.