972
submitted 5 days ago* (last edited 5 days ago) by german@pawb.social to c/selfhosted@lemmy.world

In the latest episode of "they will always sell you out" - they sold you out! Who would've thought.

Hoping for a good alternative client to appear, the writing is on the wall. Vaultwarden can't exist without "leeching" off of Bitwarden.

[-] RonnyZittledong@lemmy.world 257 points 5 days ago

Jesus, I'm tired of switching password managers.

[-] MangoPenguin 83 points 5 days ago

KeePassXC + KeePassDX is probably the best option, with the downside of no way to sync easily (syncthing is probably the best option there)

I might switch back at some point, been getting frustrated with the bitwarden extension performance always being so poor.

[-] electric_nan@lemmy.ml 23 points 5 days ago

Sync however you want. Syncthing, Nextcloud, Dropbox, Gdrive etc.

[-] Flagstaff@programming.dev 16 points 5 days ago

Syncthing is the way to leave Google Drive, etc.

[-] fatalicus@lemmy.world 5 points 3 days ago

Is there a proper syncthing android client now, after the official android client was discontinued?

[-] recursivethinking@lemmy.world 2 points 2 days ago

Syncthing Fork works well for Android

[-] Flagstaff@programming.dev 4 points 3 days ago

Solid question; there are only third-party apps. A recent discussion in !syncthing@lemmy.ml led me to most recently adopt BasicSync, which is incredibly low-profile and is probably the closest thing we can get to it.

However... if you want to get as pure as possible, you can apparently run Syncthing's Linux version directly in Termux on Android without the need for a dedicated Android app. There are also entire alternatives to Syncthing like syncspirit (which can also be run through Termux and which I'm considering trying as well).

[-] electric_nan@lemmy.ml 10 points 4 days ago

I use Nextcloud myself, but if people don't want to host a server or fuck with syncthing, they can sync it however they want as long as they use a strong enough master password/phrase (which they should be anyway).

[-] Resonosity@lemmy.dbzer0.com 13 points 4 days ago

My first password manager was KeePassXC.

Hooked it up with Syncthing, and I've never had issues aside from the occasional database duplicate.

[-] german@pawb.social 15 points 5 days ago

Merge conflicts are a concern for KeePass, especially for those that don’t want to resolve them. Sync is difficult. AFAIK this is a very common issue with Syncthing setups.

Also, the portability from Bitwarden to KP leaves a bit to be desired, though that’s probably 90% on BW.

[-] MangoPenguin 3 points 3 days ago

I switched over to keepass yesterday, and surprisingly the import from BW was perfect (as far as I can tell), even passkeys came over just fine.

[-] lka1988@lemmy.dbzer0.com 3 points 4 days ago

> Merge conflicts are a concern for KeePass

It's really not that much of an issue. I sync my database between several devices, some of which are only used occasionally. Rarely do I ever have a merge conflict.

If you're editing the database on multiple devices before they have a chance to sync with each other, maybe stop doing that. That's what causes merge issues.

[-] eli@lemmy.world 7 points 4 days ago

I've been using KeePass with Syncthing for 5+ years now and I think I've only had a sync issue once in all this time.

Granted I do make sure I only use the database on one device at a time (so not making edits on desktop and my phone at the same time) and I'm using XC and DX clients not the OG KeePass program.

I'm curious what is causing sync issues to make it "common", I use my db every day.

[-] german@pawb.social 5 points 4 days ago* (last edited 4 days ago)

Yeah, it’s not an uncommon use case to accidentally or even intentionally edit the database on two online devices - I do it all the time when I want a new login to be used on my laptop right after I signed up for some new website on my PC, and the laptop just happens to have an “unpushed” change from last evening, or I edit the new login’s metadata, or whatever.

With this, I’d have to keep a mental model of the versioning of each database and avoid even touching my phone like the plague if KeePass is open on my computer.

It’s not that big of a deal, it’ll probably be a problem once every few months, but it’s annoying to keep track of and worth talking about.

[-] lka1988@lemmy.dbzer0.com 3 points 4 days ago

XC is really nice, but the devs are kinda dicks about not integrating some sort of syncing option, instead telling everyone who asks to "just point it to a local folder and use <insert sync tool of your choice> to keep that folder updated." Which isn't terrible advice, but some of us don't have that option on managed devices.

[-] MangoPenguin 1 points 3 days ago

I ended up using Keepass2Android and just pointing it at my webdav server, it seems to work pretty well!

On desktop it's already taken care of since I put the DB in my folders that already sync via Syncthing.

[-] lka1988@lemmy.dbzer0.com 1 points 2 days ago

I love K2A, been using it for well over a decade now. I really should toss the dev some cash... They've kept the UI consistent for years.

[-] slate@sh.itjust.works 35 points 5 days ago

KeePass isn't going anywhere. They're also dragging their feet on passkey support, so you might go with KeepassXC.

[-] zeitverschreib@freundica.de 21 points 5 days ago

@slate

Wasn't there some commotion a few weeks ago about KeepassXC and vibe coding?

@RonnyZittledong

[-] Dumhuvud@programming.dev 35 points 5 days ago* (last edited 4 days ago)

Yeah, there was. It was forked because of that, actually: https://codeberg.org/ChiPass

[-] blackbrook@mander.xyz 12 points 5 days ago

Their AI policy looks very reasonable, and they certainly aren't vibe coding. Everything is rigorously reviewed and tested by a handful of experienced, competent humans.

[-] eightys3v3n@lemmy.ca 10 points 5 days ago

They also don't effectively allow collaboration though, which is my chief reason for using a cloud hosted password manager.

[-] Flagstaff@programming.dev 8 points 5 days ago* (last edited 5 days ago)

> They’re also dragging their feet on passkey support

As... they... should, forever.

[-] 4am@lemmy.zip 26 points 5 days ago

Two articles behind a paywall, one that won’t load, and another article that says the big problem with passkeys is…people are unfamiliar with them.

If anyone tells you that Passkeys are bad, they’re a liar. Way more safe than passwords, full stop.

Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.

[-] Flagstaff@programming.dev 8 points 5 days ago

Are you calling me a liar? That's pretty weird; it's not like I'm telling you to stick to passwords while I move to passkeys. With that said, though, get Bypass Paywalls Clean (Mozilla-only, as far as I know) and you'll never see another paywall again. I forgot about having that.

> Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.

The problem is that this is where it's eventually going to lead to.

[-] Lemmert@reddthat.com 5 points 4 days ago

At the very least you're misguided or don't know what you're talking about. Passkeys are not vendor locked in and of themselves.

You can make the same argument against password managers because most iPhone users that use them, use Apple's one.

[-] qqq@lemmy.world 7 points 4 days ago* (last edited 2 days ago)

They will almost certainly lead to vendor lock in. Why do you think they won't? Apple's password manager is definitely an example of vendor lock in. Many others have a simple to use export feature to CSV or something that others can understand.

Edit: it could be that you don't know what the WebAuthn/FIDO2 specification says or we understand it differently? Do you know how the attestation mechanism works? That ties the key to a device or software authenticator (the software authenticator is likely going to tie it to the device somehow, possibly even via a TEE).

[-] qqq@lemmy.world 4 points 4 days ago

There is no full stop there... A password that is sufficiently long will never be cracked no matter the hashing algorithm in use. Passwords are easily transferable and can be communicated to a third party in the event of an emergency. They also provide tunable security, where you can trade off security for convenience if you want.

Some (not all, I know) passkeys are tied to a device. Stolen device means stolen passkey, and it's potentially very difficult to recover from that. Passkeys are also locked to a certain standard, passwords have no such restrictions.

Tbh I don't understand the move for passkeys replacing passwords. They should become the second factor when a user wants additional security. They're perfect for that niche.

[-] captcha_incorrect@lemmy.world 4 points 3 days ago

Passkeys provide a secure way to authenticate while also being convenient. With the tradeoffs you mentioned.

I don’t like the push for only allowing some vendors to issue keys and not allowing exporting and backups. And passwords should still be an option.

[-] bordam@feddit.it 2 points 3 days ago

Password Store is the answer, if you don’t need passkey support. You can be sure it can’t be sold. It’s the golden middle: not self hosted, but not owned by anyone.

[-] tordenflesk@lemmy.world 8 points 5 days ago

Took me like 5 minutes to move back to KeepassXC.

[-] Speculater@lemmy.world 6 points 5 days ago

I just got Bitwarden this year! Gah. Where are we jumping?

[-] testaccount789@sh.itjust.works 18 points 5 days ago

Full circle to sticky notes on monitor.

this post was submitted on 15 May 2026
972 points (100.0% liked)
