this post was submitted on 15 May 2026
296 points (99.0% liked)

Selfhosted

59210 readers
1323 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
296
Bitwarden's new CEO has a Private Equity background, removed 'Inclusion' and 'Always Free' from their website -- because of course he did (www.fastcompany.com)
submitted 5 hours ago* (last edited 2 hours ago) by german@pawb.social to c/selfhosted@lemmy.world
64 comments fedilink hide all child comments
 

In the latest episode of "they will always sell you out" - they sold you out! Who would've thought.

Hoping for a good alternative client to appear, the writing is on the wall. Vaultwarden can't exist without "leeching" off of Bitwarden.

top 50 comments
sorted by: hot top controversial new old
[–] godsammitdam@lemmy.zip 4 points 22 minutes ago (1 children)

Has Vaultwarden said anything yet? I imagine that, if necessary, given that bitwarden's client is still open, at the point they choose to try and close it, we, the users, can fork it and establish it for vaultwarden, correct? Or, maybe even the vaultwarden team will think about forking it themselves and making a light client as well to pair with the current server.

But Vaultwarden can exist without "leeching" they just haven't needed to yet. That's more symbiotic than parasitic. The parasite class just took over Bitwarden after all.

[–] german@pawb.social 1 points 6 minutes ago

Not to my knowledge. As far as forks go, that’s true. However, Vaultwarden would need to become an independent team, and even if they don’t take over maintaining the client, someone else would need to become independent. While it can work, it can also lead to very nasty, longstanding bugs or security issues due to scale, budget, and effort. I see this a lot with Apple apps for example - smaller developers understandably don’t want to deal with Apple’s crap and costs, and everyone suffers in the end.

If you look at the current state of the cybersecurity world, it’s not kind to open-source developers. AI-generated BS is dredging up vulnerabilities on all sides. So security is also a big concern. Someone like Bitwarden has a lot of budget to swing.

Vaultwarden itself is incredibly good, but not perfect:

https://nvd.nist.gov/vuln/detail/CVE-2026-26012.

[–] sloppy_diffuser@sh.itjust.works 8 points 1 hour ago (1 children)

They responded on reddit and walked some of it back as an "oversight": https://www.reddit.com/r/Bitwarden/comments/1tdvnh7/comment/olznwcv/. Allegedly, I'm too lazy to verify.

[–] blarth@thelemmy.club 12 points 39 minutes ago (1 children)

A change that would require intent to make is not a mistake or oversight.

This sucks. I committed to Bitwarden years ago and now am going to have to switch before they lock me in the garden.

[–] german@pawb.social 2 points 15 minutes ago

They also haven’t addressed the removal of inclusion and transparency from their goals.

[–] RonnyZittledong@lemmy.world 98 points 3 hours ago (4 children)

Jesus, I'm tired of switching password managers.

[–] Speculater@lemmy.world 1 points 21 minutes ago (1 children)

I just got Bit warden this year! Gah. Where are we jumping?

[–] testaccount789@sh.itjust.works 1 points 48 seconds ago

Full circle to sticky notes on monitor.

[–] MangoPenguin@lemmy.blahaj.zone 28 points 2 hours ago (3 children)

KeePassXC + KeePassDX is probably the best option, with the downside of no way to sync easily (syncthing is probably the best option there)

I might switch back at some point, been getting frustrated with the bitwarden extension performance always being so poor.

[–] german@pawb.social 1 points 4 minutes ago

Merge conflicts are a concern for KeePass, especially for those that don’t want to resolve them. Sync is difficult. AFAIK this is a very common issue with Syncthing setups.

Also, the portability from Bitwarden to KP leaves a bit to be desired, though that’s probably 90% on BW.

[–] tremble5218@programming.dev 2 points 41 minutes ago

Rclone with any cloud provider is another great option that's seldom mentioned. I posted my setup as a comment on another post. You may find it here - https://programming.dev/comment/23849767

[–] electric_nan@lemmy.ml 11 points 2 hours ago (1 children)

Sync however you want. Syncthing, Nextcloud, Dropbox, Gdrive etc.

[–] Flagstaff@programming.dev 8 points 1 hour ago

Syncthing is the way to leave Google Drive, etc.

[–] slate@sh.itjust.works 23 points 3 hours ago (3 children)

KeePass isn't going anywhere. They're also dragging their feet on passkey support, so you might go with KeepassXC.

[–] Flagstaff@programming.dev 0 points 1 hour ago* (last edited 1 hour ago) (1 children)

They’re also dragging their feet on passkey support

As... they... should, forever.

[–] 4am@lemmy.zip 3 points 56 minutes ago

Two articles behind a paywall, one that won’t load, and another article that says the big problem with passkeys is…people are unfamiliar with them.

If anyone tells you that Passkeys are bad, they’re a liar. Way more safe than passwords, full stop.

Just don’t let Microsoft or Apple tie them to your device. You don’t have to do that.

[–] zeitverschreib@freundica.de 9 points 3 hours ago (1 children)

@slate

Wasn't there some commotion a few weeks about KeepassXC and vibe coding?

@RonnyZittledong

[–] Dumhuvud@programming.dev 16 points 3 hours ago

Yeah, there was. It was forked because of that, actually: https://codeberg.org/ChiPass.

[–] eightys3v3n@lemmy.ca 5 points 2 hours ago (2 children)

They also don't effectively allow collaboration though, which is my cheif reason for using a cloud hosted password manager.

[–] frongt@lemmy.zip 2 points 56 minutes ago

Sure they do. Multiple people can have a file open at the same time. I use it for exactly this every day at work.

With KeePassXC, that is. I don't know if other flavors have different support. I use XC primarily for the browser extension.

[–] Flagstaff@programming.dev 3 points 1 hour ago

What is "collaboration" in this context?

load more comments (1 replies)
[–] silentjohn@lemmy.ml 18 points 3 hours ago (2 children)

Every company is basically evil at this point.

[–] grue@lemmy.world 1 points 21 minutes ago

Since Dodge v. Ford Motor Co (1919), if not earlier.

See also: https://reclaimdemocracy.org/corporate-accountability-history-corporations-us/

[–] iamthetot@piefed.ca 15 points 2 hours ago (1 children)

There is no ethical consumption under capitalism.

[–] wheezy@lemmy.ml 2 points 55 minutes ago* (last edited 54 minutes ago)

I think the rope they're selling us might, one day soon, have a net positive impact.

[–] SnotFlickerman@lemmy.blahaj.zone 17 points 3 hours ago* (last edited 2 hours ago) (1 children)

This is why corporate promises can never be trusted, because a new CEO can change those promises on a whim.

It's part of why despite being interested in Beeper, I never signed up for it because I had questions about if those privacy promises they made would be kept if they sold to a bigger company... which they eventually did.

On the plus side Bitwarden already made an official open source self-hosted version, which can be forked and/or return to the community developed Vaultwarden roots.

Meanwhile KeepassXC keeps on chugging along.

[–] northernlights@lemmy.today 2 points 1 hour ago (1 children)

FYI beeper is really just matrix with bridges. Once I realized that I set up my own and now I have the same functionalities as beeper, self hosted, with a choice of clients.

[–] SnotFlickerman@lemmy.blahaj.zone 1 points 1 hour ago

Oh I was well aware at the time, but I had a lot of friends who still struggled with trying to use Matrix/Element so at the time I was seeking a simpler solution for them.

[–] Shortstack@reddthat.com 54 points 4 hours ago

That’s troubling, I don’t like what this portends.

The new CEOs background especially suggests they’re spiffing up the company for a later sellout, why else would they pick a merger specialist for the role?

[–] Grandwolf319@sh.itjust.works 9 points 2 hours ago

Oh no, and I just setup Vaultwarden

[–] otter@lemmy.ca 40 points 4 hours ago* (last edited 4 hours ago) (1 children)

I think the original title was more helpful because it shows that this is a recent development. Maybe you can add "new CEO"?

Bitwarden scrubs ‘Always free’ and ‘Inclusion’ values from its website as longtime execs step down

In February, longtime CEO Michael Crandell moved to an advisory role, according to LinkedIn, with no announcement from the company. His replacement, Michael Sullivan, former CEO of both Acquia and Insightsoftware, touts his experience with “all facets of mergers and acquisitions” on his own LinkedIn page, including experience working with leading private equity firms.

CFO Stephen Morrison also left Bitwarden in April, replaced by former InVision CEO Michael Shenkman. Both Crandell and Morrison joined the company in 2019. Kyle Spearrin, who started Bitwarden as a fun hobby project in 2015, remains the company’s CTO.

[–] german@pawb.social 4 points 2 hours ago

You're right, changed

[–] akwd169@sh.itjust.works 1 points 1 hour ago

Motherfuck!

[–] evil_andy@sh.itjust.works 40 points 4 hours ago

Well, poop.

[–] goatinspace@feddit.org 7 points 3 hours ago

[–] Stupendous@lemmy.world 1 points 1 hour ago (2 children)

Keepassxc and whatever I'm using off f droid for Android. Then is sync with proton drive. Works well for me. I do the same for my one time password backups. You don't even need to pay for a subscription to proton. These are small files. Free version is good enough

[–] Flagstaff@programming.dev 3 points 1 hour ago

Yes, I use KeePassDX as well.

sync with proton drive

That's not good enough. Stay entirely offline. Keep your own stuff in sync via Syncthing and Syncthing-Fork daisy chains, especially if they're small files.

load more comments (1 replies)
load more comments
view more: next ›