Question regarding Vaultwarden

Hey there Vaultwarden Community!

I’ve been looking around the GitHub repo for a while and so far it looks really interesting!

There’s just a couple of things I don’t seem to get properly.

What exactly is Vaultwarden?

Does it offer the same features that a “Paid” Bitwarden instance has? (In terms of, is it “stable” enough)
What I mean by that is, can I achieve the same that I can with Bitwarden Enterprise?

Currently our license cost is skyrocketing, and we were already looking for alternatives like Passbolt, but we didn’t really like that.

What we need

  • Organisations
  • Access Control to who sees what
  • and additionally a personal Families vault. (as an alternative I’d just create a second org)
  • Groups (I’ve seen it’s marked as unstable, but was not able to find any further info)
  • Sync Vaults between devices (macOS, Windows, iOS, Android)

Would that be possible with Vaultwarden?

Another question is account security.

I’ve read somewhere in a setup guide that there’s pretty much no way to restore anything if you lose access to your account. (The guide is quite old by now, just stumbled upon it while trying to research)
Is that still true?

Sorry for the lots of questions!

I’ll chime in with my experience as a home user of Vaultwarden installed on my NAS. I think everyone who uses Vaultwarden is a fan of Bitwarden, but we want to run the server on our own hardware and we want some of the advanced features without paying for it. Also, the Bitwarden server (which you can also self host) is built to handle numerous (hundreds? thousands?) of simultaneous users. As a result, it’s a heavy application to run self hosted for a smaller number of users. My instance of Vaultwarden has been 100% stable for almost 2 years. It’s just as reliable as the hardware it’s running on.

Of your list of “needs” the only one I’m not sure of is the Groups. But I think you can accomplish everything you need with Organizations and Collections. You’d simply create a different organization for each group, including a personal or family organization. You can then create sub-groups in the organization called “collections” and control access by assigning users to the collection. Users can be members of multiple organizations and collections. Users also have their own personal vaults. So there’s a lot of options and flexibility for access.

As far as security goes, Vaultwarden uses the same Bitwarden clients and all of the encryption is done on the clients. The Vaultwarden server (which is a re-written version of the Bitwarden server) is open sourced for everyone to check the code. Unlike Bitwarden, Vaultwarden hasn’t been audited to my knowledge, so you have to trust the community. I am comfortable with that since the Vaultwarden server doesn’t do the encryption/decryption, that is all done on the Bitwarden clients.

I think a bigger issue you’d need to focus on is backing up your information. Yes, if you lose your data then it’s gone and no one can help you get it back. So have a 3-2-1 backup strategy on whatever platform you install Vaultwarden on. If you forget your master password there is an “emergency access” option to have a trusted friend get you back into your account, but you have to set that up ahead of time. I believe that’s a feature from Bitwarden supported in Vaultwarden.

I have multiple family members that are not very tech savvy, and as far as they are concerned they are using Bitwarden. That’s because they have zero visibility on the Vaultwarden server. They use the Bitwarden clients on their phones and computers and for them the experience is exactly the same as if I was a customer of Bitwarden’s family plan.

Hope that helps.