[jerf]

I'm running Vaultwarden because while on the one hand I'd like to just pay a company to make my password problem go away, I don't know who I can actually trust to not try to take advantage of the fact they have all the keys to all my kingdoms at some point. I see some people complaining about "Private Equity", with justification, and before that it was the "Harvard MBA" mindset, where businesses are encouraged to think of their customers as a resource to be stripmined rather than relationships to cultivate.

I don't like being considered a resource to be stripmined by any company, but some are worse than others by the nature of our relationship. I do not need a company greedily looking at my bank password, my Google password, my brokerage account password, and even having them be tempted to look at my set of passwords with them and start valuating which password they can "intermediate" and charge me more for using. I don't even want them pondering the question of how they can break exports ("oops, sorry, passkeys can't be exported because $SECURITY_BLATHER, guess you won't be migrating" - to be fair, while I think Bitwarden had that for a bit I believe it's no longer true, but AFAIK it is true of other things that will hold passkeys for you) so that they can extract the value of my passwords to me.

I don't trust Private Equity or the Harvard MBA mindset to be allowed to hold on to my passwords. I don't trust any company holding passwords to not eventually be acquired by PE/HMBA types looking to stripmine my passwords. I don't trust any company that is, once you trace the entire value chain down, basically taking out real debt with my passwords as collateral. They get the money, I get the risk. Hard pass.

So I'm not happy about self-hosting my password vault in some sense... but who else can I trust?

[dolmen]

As long as you continue to use (and upgrade) the Biwarden client apps, you should consider that BW could have the keys of your garden: they have control of decryption and encryption code, so that code could leak the key, whatever the server.

[crabmusket]

Is this a market failure?

I'm trying to work out why it feels bad to trust a private company with this kind of information, whereas "we" are happy to trust AWS with our servers, Hashicorp with our Vaults, etc.

But these businesses seem to rely on some amount of scale for their trustworthiness. Password managers seem like a cottage industry in comparison, especially as lots of their users will just be "normies" and even ones on a free tier, because ~nobody thinks they should pay for a password manager?

> I don't trust Private Equity or the Harvard MBA mindset to be allowed to hold on to my passwords.

I agree, but you have credible exit. As annoying as it is, it seems quite feasible to continuously migrate to the next provider who is currently in their "don't be evil" phase.

Someone on lobste.rs suggested there should be a worker-owned co-op for password managers. This fits my personal bias, but I wonder if it would be any more resistant to this failure mode? Co-ops can be bought out also, and depend on strong leadership to prevent this.

Maybe a customer-owned co-op instead of a worker-owned one could make it more impractical to buy out. Or a foundation model like Signal, Wikipedia etc.

EDIT: I'm reminded of https://fleetdm.com/ business model, which is heavily open source yet paid. That seems like essentially what Bitwarden was? And presumably Fleet is not protected from the same outcome, no matter how inspiring their example is right now.