How to Build a Self-Hosted Password Vault: A Step-by-Step Guide

A few months ago, I made a video on LastPass getting hacked and the several security shortcomings of LastPass. One of them being the closed, proprietary security model, especially given how sensitive passwords are to our online ecosystem.

With a proprietary, closed-source security model and the hosting of passwords in the cloud, many users have chosen to move to open-source, self-hosted solutions, where they can have full visibility into the source code and full control of how their passwords are handled.

There are pros and cons to this solution.

Pros

• Secure and private data storage.
• Uncompromised data security as long as the system has been properly secured.
• Full user control over where passwords are stored.
• It's a bit harder than opening notepad and pasting in passwords, but it provides easier integration and flexibility once you have the vault setup.

Cons

• Lack of flexibility with a hybrid device ecosystem like computers and phones.
• Active maintenance and security of the server.

So when should you choose to self-host over using a cloud option?

If you are a one-person team, managing your own passwords is doable and can also be fun for users who want to partake in this project.

It can also be risky to self-host a [password vault](https://password vault) if a user lacks full security competence and exposes the vault to the internet.

The more users one has to manage, the harder it gets, in terms of compute power to serve the various devices as well as managing many users. So if you are in a family or business, using a cloud option may be easier.

Let’s set up a self-hosted vault in Passbolt using a docker container. I am on a Windows 10 machine. I do have Docker Desktop installed and will not be going over how to install Docker Desktop.

You can do this on any device, it may be slightly different depending on the OS.

Watch the Video Tutorial