view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
In theory at least, online services would be more safe than a locally decrypted vault. If your computer is compromised, the bad actors can pull your encrypted vault for an unlimited brute force attack. Of course, this can be mitigated by increasing the decryption time. However, if your vault is already decrypted, then bad actors can just pull all your password from your memory.
I, for one, am decrypting my vault once when I start my PC. In theory, if I were to use an online solution, bad actors wouldn't be able to pull my vault from memory.
It's the same issue once you login to your vault via browser extension. They have to download your vault locally on login to decrypt it when you enter your password anyway*. Even if they don't store your vault password in memory, they either store the entire vault (unlikely for size reasons) or a more temporary key to access the vault. Local compromise is full compromise already.
*If they don't, then they either made a giant technological leap, or they're storing your passwords on a simple database on their servers and that's not what you want from a password manager.