Password Management
The use of username-and-password authentication has become a nightmare for organizational and personal security on the web. Brute-force attacks using lists of real passwords stolen from database breaches are constantly ongoing. For people who re-use the same or similar passwords for multiple sites, it’s a matter of when not if their accounts will be compromised.
Password managers offer a solution to this, by randomly generating separate passwords for each account you create, and storing that in a single database which is encrypted with one strong master password. This gives you only one thing to remember, but presents each site you use with a different, strong, random password.
It also comes with a downside: it presents a single point of failure. In autumn of 2022, Lastpass’s database was stolen. The database leak demonstrated gross mishandling of many people’s password records. Furthermore, metadata was stored in their server about the password records, meaning that they could track which sites you were registered with, sell that information for a profit, and report or sell it to police and governments. All this risk was compounded by the massive target Lastpass had painted on their back by trying to be this “single point of failure” for everyone.
Trusting a closed-source, capitalist, proprietary organization with the secrets that keep all of my hundreds of online accounts secure was never really something I considered. I’ve been hosting Vaultwarden for many years now, and have not had a single account compromise or data compromise that entire time.
With our managed Vaultwarden service, you get:
- An organization-specific password manager service, i.e. passwords.your-domain.org
- Two-Factor authentication support and optional enforcement
- The ability to share passwords among members of your organization
- as with all of our services, we share with you our infrastructure configuration and backup copies of your data so that you can migrate to other infrastructure at any time. We also offer the option of physically posessing your data, or scaling out horizontally with us for additional resiliency.