Security & upkeep
Self-host Vaultwarden, or use a cloud vault?
Should I self-host my password manager (Vaultwarden) or just use a cloud one?
Self-hosting your password manager with Vaultwarden — the lightweight, Bitwarden-compatible server that runs happily on a small box — is one of the most satisfying things you can self-host, and I run it and recommend it. But I only recommend it with one condition stated plainly up front, because it’s the whole game: you have to be genuinely serious about backups. The instinct is to weigh “self-hosted versus cloud” as a question about breaches — who’s more likely to get hacked. That’s the wrong axis, and focusing on it leads people to the wrong decision.
Here’s the reframe that matters. A reputable cloud password manager already stores your vault encrypted in a way they can’t read, and — crucially — they keep it backed up and available for you. The real, everyday risk they remove isn’t sophisticated attackers; it’s you losing your own data. When you self-host, you take that job back. Your vault now lives on your hardware, and if that drive dies, or a bad update corrupts it, or your house floods, and there’s no backup — your passwords are simply gone. Not leaked. Gone. And a lost password vault is a uniquely miserable disaster, because it’s the key to everything else.
So the honest comparison is: cloud trades a little control for someone else handling durability; self-hosting gives you full control and full responsibility for that durability. Neither is “more secure” in the way people mean — both encrypt your vault so the storer can’t read it. The question is whether you will reliably keep the copies that stop you losing it.
That gives a clean way to decide. If you already have a backup habit you trust — your important data gets copied somewhere off the machine, and you’ve actually restored from it at least once — then Vaultwarden is fantastic: your own passwords, your own hardware, and you’ll fold the vault into the backups you’re already running. If backups are still aspirational, be honest with yourself and stay on a reputable cloud manager for now; it’s not a lesser choice, it’s the right one until the safety net is real. Self-host your passwords when, and only when, you’re confident you won’t be the one who loses them.