A few months ago, I made a video on LastPass getting hacked and on several of LastPass's security shortcomings. One of them is its closed, proprietary security model, which matters especially given how sensitive passwords are to our online ecosystem.
Faced with a proprietary, closed-source security model and passwords hosted in the cloud, many users have chosen to move to open-source, self-hosted solutions, where they have full visibility into the source code and full control over how their passwords are handled.
There are pros and cons to this solution.
Pros
- Secure and private data storage.
- Uncompromised data security as long as the system has been properly secured.
- Full user control over where passwords are stored.
- It's a bit harder than opening Notepad and pasting in passwords, but it provides easier integration and flexibility once you have the vault set up.
Cons
- Lack of flexibility with a hybrid device ecosystem like computers and phones.
- Active maintenance and security of the server.
So when should you choose to self-host over using a cloud option?
If you are a one-person team, managing your own passwords is doable and can also be fun for users who want to partake in this project.
It can also be risky to self-host a password vault if the user lacks the security competence to run it safely and exposes the vault to the internet.
The more users one has to manage, the harder it gets, in terms of compute power to serve the various devices as well as managing many users. So if you are in a family or business, using a cloud option may be easier.
Let’s set up a self-hosted vault in Passbolt using a Docker container. I am on a Windows 10 machine. I do have Docker Desktop installed and will not be going over how to install Docker Desktop.
You can do this on any device, though the steps may be slightly different depending on the OS.
Watch the Video Tutorial
https://youtu.be/t77qcvfv0wk?embedable=true&transcript=true
This article was part of
If you want to see more from this series,