Vaultwarden is a lightweight Bitwarden-compatible server. All the Bitwarden features, self-hosted, using a fraction of the resources.
Why Self-Host Your Password Manager?
Your password manager holds the keys to your entire digital life. Hosting it yourself means:
Passwords never touch a third-party serverNo risk of cloud breaches affecting your vaultNo subscription fees ($10/year for Bitwarden Premium, $40/year for Family)Full control over your securityWhy Vaultwarden?
Vaultwarden is an unofficial Bitwarden server implementation written in Rust. It's:
Compatible with all Bitwarden clients (browser extensions, mobile apps, desktop apps)Runs on 50 MB RAM (official Bitwarden server needs 2+ GB)Includes Premium features for free (TOTP, file attachments, emergency access)Actively maintained and widely usedFeatures
Password Management
Unlimited passwords and secure notesFolder and collection organizationPassword generatorPassword strength checkingTwo-Factor Authentication
TOTP authenticator app supportWebAuthn/FIDO2 hardware key supportDuo Security supportSharing
Organizations for team/family sharingFine-grained collection permissionsEmergency access for trusted contactsPremium Features (Free!)
TOTP authenticator built inFile attachmentsVault health reportsDeployment
1. Deploy Vaultwarden on TinyPod
2. Set up your admin account
3. Install Bitwarden browser extension and mobile apps
4. Point them to your Vaultwarden URL
5. Import existing passwords (from Chrome, 1Password, LastPass, etc.)
Security Hardening
Disable new user registration after creating your accountsEnable HTTPS (TinyPod handles this automatically via Caddy)Set up 2FA on your vaultUse a strong master passwordEnable admin panel only when neededBackup
Vaultwarden uses a SQLite database. Back it up daily:
Database file: vaultwarden.dbAttachments directory: /data/attachmentsRSA keys: /data/rsa_key*Store backups encrypted and offsite. If you lose your vault and have no backup, you lose everything.