A few months ago, I made a video on and the several security shortcomings of . One of them being the closed, proprietary security model, especially given how sensitive passwords are to our online ecosystem. LastPass getting hacked LastPass With a proprietary, closed-source security model and the hosting of passwords in the cloud, many users have chosen to move to open-source, self-hosted solutions, where they can have full visibility into the source code and full control of how their passwords are handled. There are pros and cons to this solution. Pros Secure and private data storage. Uncompromised data security as long as the system has been properly secured. Full user control over where passwords are stored. It's a bit harder than opening notepad and pasting in passwords, but it provides easier integration and flexibility once you have the vault setup. Cons Lack of flexibility with a hybrid device ecosystem like computers and phones. Active maintenance and security of the server. So when should you choose to self-host over using a cloud option? If you are a one-person team, managing your own passwords is doable and can also be fun for users who want to partake in this project. It can also be risky to self-host a [password vault](https://password vault) if a user lacks full security competence and exposes the vault to the internet. The more users one has to manage, the harder it gets, in terms of compute power to serve the various devices as well as managing many users. So if you are in a family or business, using a cloud option may be easier. Let’s set up a self-hosted vault in Passbolt using a docker container. I am on a Windows 10 machine. I do have Desktop installed and will not be going over . Docker how to install Docker Desktop You can do this on any device, it may be slightly different depending on the OS. Watch the Video Tutorial https://youtu.be/t77qcvfv0wk?embedable=true&transcript=true This article was part of where we share the best tech content that YouTube has to offer. HackerNoon’s YouTuber series If you want to see more from this series, check it out here.

The code in this story is for educational purposes. The readers are solely responsible for whatever they build with it.

Walkthroughs, tutorials, guides, and tips. This story will teach you how to do something new or how to do something better.

How to Build a Self-Hosted Password Vault: A Step-by-Step Guide

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

How Hackers Host C2 Servers on Google Infrastructure (Google Sheets & Drive)

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

How Hackers Host C2 Servers on Google Infrastructure (Google Sheets & Drive)

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps