Hey! I would like to selfhost a password manager but I can’t decide which one to use. I am looking to use it only locally. I really like the UIs of Padloc and Passbolt. For passbolt to work properly I would need a mailserver, right? I do not want to set up a mailserver. Do I need one to selfhost Padloc?
I already tried to set up the Padloc Docker Container, but it gives me some errors. Maybe, there is another package for Padloc selfhost? Like a deb or snap package?
Do you have any other recommendations for which one to use? Maybe one thats NOT a docker container? Any other tips?
Thanks for reading this, looking forward to reading your answers & opinions! :)
I also agreed with everyone else regarding Vaultwarden. On top of that you can setup nginx proxy manager for SSL certificate and local access only (you don’t even need to expose your npm externally). DNS resolution can be done either by pi-hole or adguard
vaultwarden.
Why not Vaultwarden?
> I am looking to use it only locally.
KeePassXC. If you need cross-device sync - just setup Syncthing.
Doing that but without syncthing - directly via VPN to NAS
There’s two options that are popular, as you may have guessed from the comments.
Vaultwarden is (my guess) the more popular one with a server & web interface managing your password database on that server.
KeePass is a standalone tool that relies on a local database file. You’ll see other names like KeePassXC as that’s the Linux client, anything that’s roughly KeePass is all the same concept --and importantly, compatible with the same encrypted database file of passwords.
It’s worth noting that Vaultwarden stores your passwords locally in case you can’t get to your server, and KeePass has very good built-in syncing over files. And since KeePass is just dealing with that file you can easily get it to your phone (or even in a browser) with something that does file sharing over the web like Nextcloud. Anything webdav or syncthing will work for sharing the file but Nextcloud has a great plugin to ALSO let you use the KeePass file directly in nextcloud web interface.
Personally I use KeePass as I hadn’t heard of Vaultwarden when I started but with the file sync on save feature I have KeePass syncing to my NAS from both laptop & desktop. With NC I have it syncing to the web using the NC file/folder sync tool. With thr NC app I can use it on any browser. With the Android app I can sync the database from NC to my phone. I’ve got copies of the database everywhere and I can’t imagine losing it (exactly what I want with everything, but especially passwords).
There is a workaround for the passbolt mailserver configuration and a good reason behind it, you can see both here: https://www.reddit.com/r/passbolt/comments/uct0v1/comment/i6d7id6/
You can also use a free gmail account if you want the benefits of using passbolt with the mailserver configured without having to set up your own: https://help.passbolt.com/configure/email/smtp-authentication.html#google
Passbolt also has a variety of installation options other than a docker container: https://help.passbolt.com/hosting/install
I do work at passbolt. Just wanted to share this information in case it’s helpful. Let me know if you have any questions or feedback.KeePass, no sync need when used with KeePassium and WebDAV.
basically the best option for individual use
Works for teams too if you want to share all the passwords.
I use and love BitWarden. There are paid features, but they’re worth it to support the project. A lot of people on here use VaultWarden, which is a replacement for the BitWarden server that’s compatible with the BitWarden front-end. Be aware VaultWarden doesn’t undergo security audits like BitWarden does.