Blog

Sharing passwords is no longer a problem for self-hosters

Announcement

Remember those yellow post-its on monitors? Most of the time, they “hide” the secret password for your user account. Sharing secrets was easy. Passing the note to your teammate solved the problem of shared accounts.

Later, the first digital solutions came around the corner. Do you remember solutions like PGP to encrypt the password and send it by mail to the teammates?

In 2003, the first version of KeePass, an encrypted secrets' database, saw the light of day. It was a nice piece of evolution in the history of storing secrets.

Later, the first software-as-a-solution companies launched their services. You may remember LastPass or 1Password. It was easy to store all your secrets on their cloud-based infrastructure and share credentials with your teammates. But didn’t you ever have concerns about trust in privacy or encryption? To be fair. I used 1Password on my Apple hardware for years. It’s a nice little piece of software for my daily work.

Bitwarden for storing and sharing secrets in a self-hosted way

In 2016, Bitwarden Inc. introduced Bitwarden, the first service as open source software, like those of 1Password and LastPass. Bitwarden has everything for self-hosters. An open source server component, a huge set of clients for various desktop and mobile operating systems, and add-ons for the most popular browsers.

You are able to save your personal credentials and configure bitwarden with so-called organizations. Invite your teammates or clients to your added organization and share secrets with them. Permission settings allow you to split credentials into different collections to accommodate different users in your organization. Say: Teammates from the social media team have access to secrets from Twitter, Facebook, Instagram and your beloved Mailchimp, while your devops colleagues have access to servers, services and hosting provider dashboards.

Vaultwarden in our App offering

Vaultwarden is the alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

For security reasons, vaultwarden does not connect to external LDAP/AD user management solutions. So each user in your organization must remember the credentials for an additional user account. Maybe it’s a good time to use the rest of your old post-its.

Just kidding :)

Stephan Luckow

DeepL Translator

Focus
Privacy