Self Hosting Passwords | Chuck Carroll
Published: 2026-05-20
A few months back, Ars Technica published "Password managers' promise that they can't see your vaults isn't always true." I haven't used an online password manager in 5 years. Previously I had been using Bitwarden, which is fine; I just prefer to take ownership of as much of my digital life as I can.
My setup is KeePassXC to manage all my passwords in a database and Syncthing to sync all my passwords across my smartphone, laptop, and server. I read a comment on HN recently about how a couple of people who had a similar setup struggled with syncing conflicts, eventually switching back to an online password manager. In the 5 years I've been using KeePassXC + Syncthing, I have yet to have a single conflict with my password. Granted, I don't have a lot of credentials and am very diligent about going through the motions of deleting an online account I no longer have a use for. Once I get confirmation the account is deleted, I then delete the credential from my password manager. I have about 150 credentials in total and I'd guesstimate I could delete around 20 of those.
Now that said, it is possible to self-host an instance of Vaultwarden (a fork of Bitwarden), but after some trial and error, it seemed like a more complex alternative to my current solution. For a period, I also briefly used "pass", which is a terminal-based offline password manager that I did a brief write-up on. I eventually ditched it and went back to KeePassXC because, again, it was making things more complicated than they needed to be (and the browser plugin I was using always seemed to fight me).
I'm not arguing that everyone should ditch their online password manager. This method has fewer conveniences and requires more responsibility. If my phone, laptop, server, and backup hard drive get destroyed tomorrow in a fire, I'll have challenging times ahead. Most people in the world should probably stick with an online password manager so long as they have a strong vault password and randomly generate all their internet account passwords. However, I still prefer a local password manager because it reduces my attack surface, increases my control, and I enjoy the simplicity of not having a third party involved in my password management. KeePassXC works offline, doesn't potentially leak metadata like the sites I visit, it's flexible, and there's no vendor lock-in. I also don't have to deal with a company shutting down, raising prices, or getting acquired by a less reputable company.
Thanks for reading. Feel free to send comments, questions, or recommendations to [email protected].