Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…
That is rather concerning :/. I always said I’d never self host a PW manager, because if i lose access to it, I lose access to most parts of my life. But in light of this report, and with the BW servers being such a juicy target, i have taken to self hosting it. they probably won’t notice a standalone server, with just one account on it, versus a server with thousands or millions of users in the BW servers.
ETA: with an appropriate backup strategy, it should be fine, i think?
I use KeePass, and Syncthing handles multi-device synchronization. The database is also regularly backed up locally and to a few cloud services.
At this point with Lastpass losing their entire DB years ago, why would you trust an online one?
If you self-host, you control all risks and mitigation strategies.