Deleted my LastPass account permanently today.. switched to 1Password.

Until Vaultwarden, I was never comfortable storing passwords anywhere else. Even worse, I used to use variations of the same password, because I am only human and can only remember so much.

Only after Vaultwarden, did I confidently begin storing passwords and used absolutely random characters and absolutely random passwords.

To those saying self hosting BitWarden/Vaultwarden is not a security feature, do you have tips as to improve the security hardening of Vaultwarden?

Things, I could think of

1. Disabling the admin token.
2. Preventing WAN access. (To be done on the router)
3. Setup Reverse proxy with fail2ban.
4. For WAN access, consider something like tailscale.

Vaulwarden is awesome.. running it as a docker container

• I am using Cloudflare tunnel for wan access
• Have enabled 2FA for additional security

what do u mean by

I meant preventing remote access to the router management page itself. And also stop port forwarding vaultwarden or anything else. Both of these hold water only if your ISP provides dynamic IP instead of CGNAT IP. Sometimes having a CGNAT IP is a blessing. (case in point)

With cloudflare tunnels, is your vaultwarden exposed to the public internet directly? Doesn’t that open it to brute force attacks (if you haven’t used fail2ban)

It never prompts me to save any forms. Does it prompt for you?

For browsers install the bitwarden plugin and it will prompt. Tested on firefox.

Already using bitwarden plugin since years but it never prompted unlike lastpass. Tried ff/chrome.

Try this guide maybe?

I vaguely remember using this when I wanted to use auto-fill.

bitwarden latest updates have the prompt enabled now, for me it works on Edge browser on Windows & Mac