Well, only if you host it in the cloud. Not if you host it at home, for example.
Well, only if you host it in the cloud. Not if you host it at home, for example.
If I understand it correctly, the passwords are stored encrypted, but not the additional data, like website-URLs and app-names. This way the password manager only needs to temporarily decrypt a specific password when it’s needed for auto-fill. In regards to the passwords that’s probably a bit safer than keeping all the data and the passwords unencrypted in memory. But the cost is that all the other data is stored unencrypted.
I’m currently looking for a software to host my images and I found this table quite helpful to compare features: https://meichthys.github.io/foss_photo_libraries/
Just did that for my instance. Luckily it’s fairly easy. Since there were no human registrations after those bots I just looked up the lowest bot id in the local_user
table which was 9
and then used delete from person where id in (select person_id from local_user where id >= 9);
. Thanks to the references and triggers on the table, the rest of the database was also cleaned up by that, including the local_user
table.
While looking for a way to enable captchas I found out that they will remove that feature from lemmy: https://github.com/LemmyNet/lemmy/issues/2922
Security is only one part of it. If you host a password manager yourself then things like availability, backups, disaster recovery and monitoring also become your responsibility. I’m hosting my own vaultwarden but there is only a very limited amount of people I would suggest self hosting a password manager to, because I know they have the knowledge to do it and understand the risks.