SHSS on Nostr: TLDR: host your own password manager. Password managers are great, but you run the ...
TLDR: host your own password manager.
Password managers are great, but you run the risk of the company getting hacked as has happened to LastPass and others. You could use something like Bitwarden and set up 2FA and use a Yubikey. This will protect you against your passwords getting hacked, but if the company’s servers go down then you’re screwed. If you enable cache then you might be ok, but you’re still relying on a third party to store your data and if you opt for the plan with yubikey you have to pay a ~$10 annual subscription.
Solution: host your own instance of Bitwarden (Vaultwarden). Not only do you get to keep the convenience of using a password manager, but you can rest easy knowing you’re hosting your data on your own server. This does require you to spin up a server, which can be done fairly easily nowadays. I’m a big fan of StartOS from Start9 (npub126n…e9ll); they sell plug-and-play servers, but you can use an old laptop if you don’t want to buy new hardware.
I would suggest you keep the passwords to the Server and Vaultwarden on a piece of paper inside a tamper-evident bag. This way you keep the gatekeeper passwords offline, and if someone were to come across those passwords at your house they would still need to know what to do with them (go to your server LAN address). There are some tradeoffs and nuances, but I think this is a pretty solid option.
Published at 2023-11-23 04:50:04