Vaultwarden (Bitwarden)
Bitwarden is probably the most user friendly and secure server stored password manager. The https://bitwarden.com company provides a generous free tier, but some of the services are limited when not paid. To have a self hosted solution away from a major server hack and to provide more features, we have hosted Vaultwarden at https://ravergram.club/vaultwarden.
You need to use a ravergram email account to sign up. All other accounts will be rejected. Recall you can access your ravergram email at https://ravergram.club/nextcloud/apps/mail/ or any email client.
- Think of a long strange passphrase that you will not forget. This is the last passphrase you need to remember. If you forget it or lose it, you are f'd. I cannot reset it for you.
- Setup your account at https://ravergram.club/vaultwarden.
- Download the Bitwarden software for your devices at https://bitwarden.com/download/.
- Log into your account from the Bitwarden app but change the region from US to self-hosted.
- Import your existing passwords that you exported from lastpass or another password manager if you have them.
Should you use Bitwarden main server or our Ravergram server?
Bitwarden works by synchronizing the vaults on your clients (SW stored on PC or handset) with the vault stored on the server. They are all strongly encrypted depending on how complex you make your passphrase.
If someone obtained access to your vault by getting your device or by hacking and heisting from the server, they could try brute forcing the password by using a program to pump many permutations of passwords at it. The stronger your passphrase, the longer it will take to brute force it.
The Bitwarden company server is better secured than our home server, but it is also a bigger target for hackers. Ravergram server is well secured and hackers have little reason to try to get into it because of effort verses reward. If someone is able to hack into Bitwarden, they get thousands or millions of vaults. If they hack into our server, they get just a few.
If the Ravergram or Bitwarden server is ever offline which happens occasionally, your passwords are still in your local vaults on your clients. They simply cannot synch with the server during that time.