Bitwarden: The Best Selfhosted Password Manager? (2022)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello ibra army and welcome to 2022 our first  video for the year here at ibrahim thank you   so much for coming in and checking out the channel  this year first video of the year for us and we're   hoping it's going to be one that ticks a few  boxes for you to get your year started right   and a little bit more security conscious  today we're going to be looking at bit   warden i'm going to show you guys how to install  bitward and use it for your family for yourself   to help manage your passwords and even  generate passwords and a bunch of other   features that are offered through bitwarden  to help you really get control of all your   data when using sign-ins now bit warning by  itself is hosted in the cloud but when you use   bolt warden with it we can host it ourselves  therefore making it a self-hosted alternative   i'm sure many of you have heard of bit warden i'm  sure many of you have even installed it and are   currently using it so i'm hoping this video might  give you a couple of extra things that you may   not have known or if you haven't tried it yet at  least to give it a go we'll be showing you how to   install it using docker specifically we're going  to be installing it on unraid but i'll also show   you the docker run command so that you can install  it on any other operating system where docker is   used so if you're interested you'll want to know  more and you'll want to protect yourself and your   passwords and your family's passwords and stick  around without further ado let's get stuck into it so guys welcome back i hope you all had a  fantastic christmas period and new year holiday   it's been very very busy for everyone i it's  crazy to think that that year has gone so   quickly time is about a concept sometimes  and you just wonder where it all goes   in our case you're obviously finding this video so  we're helping you get through the year already so   we're kind of proud about that but in  all seriousness we're going to be looking   at bit warden and bit warden is a really  versatile application and server in our case   that will allow us to manage our passwords have  encryption and cross-platform applications for   as well so we can use it on our phone which i will  show you later and we'll be able to use it all for   free so here on bitwarden's main website and if  we start scrolling down a little bit we'll have   a look at what they offer so here you can see  they have end-to-end encryption they lock the   passwords and private information with end to  end 256-bit encryption salted hashing and all   the rest of it so we can rest assured we're  applying all the common security practices   through the passwords encryption as we said it's  got cross pro as we said it's got cross-platform   applications so we can use it on our browser  mobile device and desktop applications as well   it's got a very wide community base bit warden's  been around for a while and so there is a lot of   adoption to the application there are some other  alternatives out there for password retention   like lastpass for example but i think what sets  bitwarden apart is definitely the self-hosted   option and the fact that it's free so if we had  to summarize bit warden real quick what is it   how does it work so bit warden helps you generate  save and manage your passwords safely and securely   you can also share secure information easily with  others in your organization it's not just designed   for home users you can also use it for your family  but you can also use it for business use as well   let's say you had a business you wanted people to  always use up-to-date passwords you didn't want   the password stored outside of your organization  this could definitely be the option for you here's   a couple of the features and benefits that they  provide secure password sharing fantastic we   want to be able to share the passwords quickly  and easily now that's something that i actually   really do like about it because you can then  have you know a central folder or your team for   example and everyone in the team has access to  it and they can all see the passwords in there   but cross-platform accessibility can access  critical data in your bit warden vault from   any location browser and device you can have the  cloud-based option if you choose or the self-host   option which we're going to show you today you've  got your directory sync so you can really keep   everything connected vault health reports you've  got security auditing and compliance so it's   meeting all the regulations that are being put  on by authorities in terms of password security   always on support so they do have support access  as well if you wanted to i'm not sure whether   that's going to be an option when you use the free  option but we'll see detailed event logs flexible   integration so you can pull it in with your sso  directories you know active directory whatever   the case might be and we'll look at the plans and  pricing in a moment but i'll just finish the page   here just to give you an idea for those that are  interested it is open source but end to end and   it's third-party auditors they are audited by qi  53 who provide them their validation i suppose to   prove that they are secure and the methods they  use are secure as well so let's go up real quick   we'll go to plans and pricing but this is what  they offer on their website here business plans   you got three dollars a month per user enterprise  is five dollars i'm sure some of you aren't   looking at this for a business solution uh if  you are those are the prices for us that are   looking for personal plans here's what you get  offered here so you've got the basic free account   free forever premium account ten dollars a year  or less than a dollar a month and then you've   got sharing access as well so your two-person  org that's free but if you want families which   is up to six people it's 3.33 and you can see  each level gives you a little bit of different   features so with the premium here we get access  to advanced two-factor auth emergency access bit   warden authenticator and more however what this  doesn't exactly show us is the self-hosted option   because you can if you wanted to use bitwarden  without setting up a self-hosted server   and in that case you would just use their website  sign up and there you go you've got the access   and then later in our video you'll be able to  actually use it it'll look the same we'll show you   how to use it but if you don't want to self-host  the server part of it you can just sign up here   as well here's the rest of those features that  we talked about and in a little bit more detail   as to what you can get with each level now keep  in mind that's when we're looking at the cloud   based options so that's pretty much the rundown i  think that's plenty enough for you to understand   exactly what it is so what we're going to do now  is get into the install like we normally do we're   going to jump into the install and we're going  to see how we can apply this in our day-to-day   life i'll also show you on mobile how that  looks so that we can have that for comparison   so before we jump into the install we have to  explain the second part of what we're doing   the bit warden itself does not offer the  self-hosted solution that we're looking for   instead we need to find vault warden now  this previously was called bit warden rs   it was renamed and that was because it's not  officially from bit warden and the developer   just wanted to avoid some sort of copyright  issues and confusion for users as well   so here we are on their github it's danny garcia  forward slash vault warden as you can see it's a   unofficial bit water compatible server ridden in  rust if we scroll down the bunch of information   here what we can follow but here's what you get so  using this self-hosted option we get organization   support attachments the vault api support serving  static files for vault interface website icons api   authenticator and utf support as well as ub key  and duo support so as you saw in the other option   on the official website those were features that  are considered premium but because we're going   to self-host it and we're using vault warden  vault warden gives us those options for free   if we scroll down a little further you've got your  docker run command so those who are following this   video and are just using plain docker in whatever  operating system you've got you've got the docker   run command there for you and you can just run it  that way it also explains a couple of options when   it comes to your volume mapping and things like  that it's all in the wiki the wiki is actually   pretty good so i highly recommend you guys check  out the wiki so just under the wiki tab here and   you scroll down you've got all these things that  you can go through and really help you understand   what's going on there's a bunch of different  options so what i'm going to show you today   is going to be our method of deployment  and it's going to be on rate of course but   you have all these other options if you wanted to  now if you wanted https directly from the server   itself you can do that and apply let's encrypt  certificates but we're going to be doing a reverse   proxy option so i'm going to show you how to  do that so you can get access to it remotely   while also reverse processing it through nginx  proxy manager okay so we're on our unraid server   we've gone to the app store and we've searched for  vault warden now there's only one option there at   the time of this video which is the official vault  warden repository as we go through we look for the   potentially common options that we typically  like to tell you guys about and we've told you   about it many times the network type we've got our  custom docker network set ibra proxy set you don't   know how to do that we have a one minute video  showing how to set up a custom docker network   the next thing we're going to look at is the  port 4743 i know that is free on my system   if it is not free on your system adapt it to  suit when you use the docker run command it's   actually 8080. that will apply to you guys who are  using the docker run command just check that the   port is available if not doc is going to tell you  anyway and it will fail but just to save you that   extra couple of seconds if you know it's free  use that how do we want signups to be allowed   so do we want people to be able to navigate to  the warden page that we've set up and actually   sign up for it that'll give them access and allow  them to see passwords and actually give them their   own account do we want invitations to be allowed  so do we want to be able to invite people however   admins and anyone with administrator access can  still invite people even if this is set to false   but this is more if for example you've got a  non-admin user in there and you want them to be   able to invite others so in my case i'm actually  going to set these to false that doesn't apply to   my setup and what i want to do with mine but  if you guys see a need for that be sure to   read up about them on the wiki and see whether  those options work for you websockets enabled   applies to web socket notifications the websocket  notifications will basically tell any of the bit   warden clients whether a important event has  happened that's really important you might want   to be notified if something happened somebody got  access or password's been found to be compromised   things like that so you can enable it i'm going  to enable it then you're going to come over to   here and it's going to ask for an admin token now  ironically enough bit warden will actually allow   us to generate passwords and we can set a whole  bunch of different settings onto how secure we   want those passwords but until we get it set up we  actually need to use another service just to give   us this admin token first and then after we've got  it set up bit warden will handle it all for us so   in this case we've gone to passwordgenerator.net i  believe and i've just punched in 48 for the length   i've taken out symbols i know that symbols make it  more secure but i've actually found a lot of the   time especially for you guys who are following our  orthelia guides having symbols in the passwords   can cause issues um especially when it's like  an escape character or something like that   so i usually uncheck it numbers is fine upper  and lower case is fine uh we eliminate similar   characters but if you wanted to make it even  more complex you could actually leave that   we'll generate the password and then we can click  copy so back in our template we'll paste that here   and now we have our admin token ready to go  just for those wondering i'm obviously going to   change this before i click apply so then we have  a different password to what i've shown you guys   once you're happy with all that  we can pretty much click apply   now for our volume mapping we've got appdata  vault warden that's fine we're going to leave it   at that same applies to you guys running this in  docker run command make sure you've got a volume   which you want the application data to be saved  so that we are persistent definitely don't want   to lose all your passwords in one swift move so  once you're happy with it go ahead and click apply   okay so here's our container it's finished and  it's running what we might do is actually move   this into one of our docker folders we've done a  video on this it's called docker folders and it's   in our uploads so if you want to know how we did  this all and how it looks with all these animated   graphics be sure to check that video out what i  might do is set it under web services in my case   that just seems to work better check that and add  it to the folder so we have the container running   it's installed and we're ready to go the next  thing we need to do is actually set up our reverse   proxy and our sub domain and the reason for that  is we need to be coming through a https connection   to access the vault so it's actually better off  for us to set up that stuff now and be able to   access it remotely and then we can set it up so  what i'll do is actually go to cloudflare first   then we'll set up internet proxy manager so here  we are on our cloudflare account we're going to   create a c name we're going to call it warden and  we're going to point it directly at our server now   in our case our server has a different address  in your case you could just put the at symbol   and it should take you straight to where you need  but we're going to leave it at that and click   save with the cloudflare part done we then go to  nginx proxy manager now in nginx proxy manager   we're going to add a proxy host let's click add  proxy host for the domain name we put in the one   that we created then we've started filling out the  information so in here you can see we've put the   ip address now if you followed our instructions  and set up a custom docker network instead of   putting the ip address we can just put the  container name so we can put vault warden and that   should in my case i haven't gone back and updated  all mine yet so i've just been putting the ip   address but i will eventually do that so i highly  recommend you guys just use the container names   because that will make it a lot easier if you have  to restore a backup and the server's ip address is   changed for whatever reason then it's going to  go by the container name instead we're going to   enable a couple of these options websocket support  go over to ssl we'll apply our cloudflare origin   certificate so if you haven't seen that check  out our nginx proxy manager and cloudflare video   then we'll go ahead and click save now  let's click on it and see if that works   now sure enough that works and we're in at  the page from our reverse proxied address   so in here we're going to go and click create  account now i've currently got dark reader on   so i'm trying to make it as dark as i can  for you guys it's just easier for you to see   we've got our email address we've got our name  we've then created a master password which i   have to reiterate is very very important that you  only know this password and that it's completely   unique from any other password you've got with  this password anyone can get in to all of them   then you can have a optional hint if you like or  the master password so you put whatever you want   if you need a helpful reminder just in case  once you're done go ahead and click submit   commission now you may find you're not able to  create the account and that was our first test   so if we go back to the template click on vault  warden and in the template we've got the sign   ups allowed variable set to true by default it's  set to false so act won't actually allow us to   create our admin account so what we've done is  set signups allowed to true created our account   and now we can come back here and actually set  it to false then back on our bit warden page we   can go ahead and click login once you first sign  in you're greeted with the main dashboard page   you've got the vault you can create organizations  and you can go through all the different   types of passwords down the left hand side of the  page we can then also send passwords so looking   at the top bar here we can go to send a password  create new send give it a name what type of file   it is whether it's text click file and click copy  to share upon save you then have all these other   options so if you wanted it to expire after a  certain date delete itself after a certain day   things like that so it's almost like giving  someone a note that automatically destructs   you know double 07 style after they've read it if  we go to tools you then got all these other tools   that you can use so like i said before we've got  a password generator that we've got here so i can   basically replicate what we had before and have  a giant secure password if that's what you wanted   we can import data if you're using something like  google chrome or anywhere else where you're saving   those passwords currently we can actually bring  them over so in whatever system or program you're   using to save your passwords now there usually  is an export option which will then allow you   to import it here in the format section you've got  all these different options you have to pick from   so you can see all the popular names that you  might know about already if we go up you know   we've got chrome there we've got keep pass  we've got lastpass we've got all sorts of   different options here that you can import so  that you don't have to start all over again   you can then export it as well so if  you wanted to export it you can do that   you've got json csv and json encrypted  options and that's just if you wanted   another backup or if you were to  move back to another system later   you then got options to report so we've  got exposed password report reuse password   report weak passwords unsecured websites inactive  two-factor authentication and data breach but this   is actually really powerful and gives us a lot of  insight into where our passwords have been used   how they're being used and whether they've been  compromised something that i think a lot of people   don't pay too much attention on myself included i  get notified quite often and i'd kind of just let   it go the next tab at the top is our settings  tab so if you go into settings then you've got   all these options down here so we can change  your email your master password your encryption   whatever the case might be perhaps you signed in  in a bunch of other places you can de-authorize   those sessions immediately and even delete  all your passwords instantly if you wanted to   you only got options here for timeouts you  know basic settings how long do you want to   sign out from signing in do you want it to lock  so every time you have to enter your password   you can have gravatars you can disable the website  icon so when we put a password in it'll see what   that website is if it's google for example  it'll put a google icon next to the password   and that helps you find it a lot easier we've only  got all these different themes so i might actually   set the dark theme here so i've set the theme to  the dark theme and i've turned off dark reader   and you can see it looks really nice that's  a really good color scheme i like that   you can go to organizations and then in here  we can actually create our organizations we've   then got our organization and billing email  we click submit and now we actually have an   organization in here how cool is that that within  that organization we then have tools and settings   that we can apply if i go back to settings real  quick a couple of other things i need to show you   the next thing you've got here is two-step  login if you're using something like authy   google authenticator ubk whatever the case might  be you this is where you will then set it up   and it's really important that you do it it's  that extra level of security at the very least   set up your email verification codes do that so  that you can have that all ready to go then you've   got domain rules so under here we can see whether  you have the same login across multiple different   website domains and so this might be helpful in a  scenario where you might have the login saved for   services.google.com but you don't have this  password saved or it's not coming up for   admin.google in that case you could  then add those in here so that you had   them joined together and it would say these two  are basically the same company i want to use   the same password or you know they might have a  different name but they're the same organization   we then have emergency access so grant and  manage emergency access for trusted contacts   they may request access to either view or take  over your account in case of an emergency let's   be honest i don't know how often that might happen  or if you want to use it but the option is there   just make sure the passwords that you've got in  there probably aren't to some naughty websites   then you've got free bit warden family so if  you wanted to set up your family account you   can do that here and under the organization then  you can have all this stuff here as well so if   we go to manage under the organization we've got  people collections and policies so this is not our   personal account if we want our personal account  it's up here in my vault but under organizations   this is where we can add more people so we can add  our family or our team whatever the case might be   and then we can have them all in this one space  you've also got collections and then you've got   the policies so you know if you look if you want  to have an account on our bit warden server you   must have two-step authentication or they're you  know we want you to use the password generator   so we give them the requirements for that then  they also have tools here for the team so you can   do all the same things that we can do  for our personal account but for the team   and then you've got settings there so you can  change any sort of details you want about the   team as well so guys that's a walkthrough of  the interface it doesn't stop there so we have   a server it's set up and running we've logged  in we've created an account we've disabled any   person being able to sign up any further now we  want to be able to use it how do we go about using   it the obvious answer is using it directly from  our url but that's not really user friendly what   you might want to do is actually get the extension  for your browser in that case you would look up   bit warden extension and you'll go to the google  chrome one for example if you're using chrome   here it is in the chrome web store once you've  found it go ahead and click add to chrome   we'll add the extension and it's  going to give us this page saying   it's installed so how do we use it i'll  look up in our extensions panel up here   you'll see bit warden sitting right there what  i might do is pin it just to make it a bit   easier to get to and then we'll left click it now  you're going to have a bunch of different options   if you are using the direct with bit warden  account this is where you will just simply log in   if we're self-hosting we need to do a couple  of extra things so click on settings here   and it's going to give you the option to add your  self-hosted environment so what we're going to do   is put in our url with the url set we'll click  save so now that that's been set we should be   able to sign in so go ahead and sign in so  put those details in and then we click login now it's let us log in so we have a browser  extension ready to go whenever we want to save the   password let's test it out i'm going to go to bit  warden's main website here and here we come across   our first dilemma we need to create a password  what are we going to do let's go up to bit warden   in our extensions here we'll go to generator and  we'll tell it to generate a password for us we   want a pretty secure one so why don't we say 30 we  can click regenerate and then we can even copy it   let's then paste that here and then click  the box you'll be asked to do some stupid   capture which you know how much we love doing  that here at ibracorp then we click submit   you can see it's asking us for our details  because we want to add it to our vault now   so what kind of login is it so what kind of  password is it we're going to say it's a login   the name of the website is bit warden that's  what we've given it then the authenticator key if   you're using an authenticator key which is also a  really important feature for systems and services   where using a one-time pin this will actually help  you sign in and automatically know what the next   number is in sequence of that one-time pin you've  then got the option to pick the folder we haven't   created any folder yet so we'll leave that  any notes you might want to add and who owns   the item so if we have our organization for  example we can put that under the organization   i'm gonna leave it as my personal one go  up once we're happy with that go ahead and   click save so we've refreshed the page and if  you look in the top right we've got a little   one indicator next to the big warden tab what  that is telling us is that we have a password   for this website so it's given us this website  and it says okay we've got a password here   we want to log in just click it how easy was that  let's start that again i'll back everything out   and as you can see on the chrome web store for  example nothing comes up on the bit warden page   we've got the one there we click it and we just  click on that and it will autofill those details   in for us then we click log in and away you go  so then that is now working so that was using   bit warden through a browser extension which  allows us to get through websites really easily   the other option you've got is actually using the  desktop applications that they have created as   well but they've got the windows mac os and linux  options and if we go to more options down here   they've got a couple of different ones as well  then of course you've got our web browsers and   you've got command line even mobile so we'll get  to mobile shortly but with this for example let's   use the windows one just to show you guys how that  looks so there's our installer we'll click install   and then we'll run it so now we're presented  with a desktop application similar to what we   saw before what we'll need to do again is go to  the settings and we're going to set our server url   and then we'll click save then we sign in with  those credentials we press sign in and there you   go so now we actually have a desktop application  managing our passwords as well so what's the   beauty of that in mind i'll show you so if we  minimize this so what you'll notice now that we   have the application installed we actually have  a new context menu in our right click options   if i right click we'll see bitboard in there  and then we also have the option to autofill   copy information or to generate a password pretty  cool so if i click generate password so on here   for example we've got this password option if i  just right click go bit warden and say generate a   password for me and then we paste it it's created  our password for us the next thing i want to show   you guys is on the application on the phone now  unfortunately even using a screen recorder on   the phone bit warden will actually black out the  screen so it can't be recorded and that's probably   a good thing i don't think it's necessary i mean  it's pretty easy to figure it out on your own as   well but the options are there for you when  you need it you've got the authenticator and   you've got the encryption so here we are on the  android app store we've got the play store open   we're looking for bit warden password manager  we've done that we can then open up the app   and it's going to ask us to sign in same  thing applies we're going to go to settings   under the server url we're  going to put in our ibracorp url and then it should allow us to sign in   once we've then signed in on the phone we then  have all of our typical options so we've got our   login option there we've also got our password  generator so you can have a password generator   on the go anytime you need it and then instantly  be able to save that password you've got all these   different options we can then also send a password  over to someone or we can add some more if we like if we go to the settings we've got  auto fill services so as you can see   we can then tell bit warden to become our android  auto fuel instead so if we click that for example   it's going to ask us which autofill service  we want to use in our case we would pick pete   warden so now anytime we sign into an app uh  anytime we sign into a page on our browser   on our phone it will automatically work for  us as well so now we've pretty much covered   end to end from using it on a computer to a  browser to our phones or mobile devices so   guys that was bit warden with our back end of  vault warden so big props to the developer of   vault warden please go and support the project  there give them a bit of love if you like what   they're doing it's really really important even  throw them a star on github at the very least   if you like what we're doing and you want to  help support us going into this new year please   feel free to support us any way you can by either  joining our discord liking our videos subscribing   to the channel or buying us a coffee or beer using  our website or paypal to help us keep going we   really can't wait to keep sharing with you more  this year and thank you for hanging with us if   you have any video ideas if you have any feedback  you want to give back to us be sure to drop it in   the comments below or in our discord channel we  can't wait to see you in the next april video you
Info
Channel: IBRACORP
Views: 32,607
Rating: undefined out of 5
Keywords: vaultwarden, bitwarden unraid setup, vaultwarden unraid, bitwarden self hosted, selfhosted, bitwarden tutorial, ibracorp, self host bitwarden, bitwarden, bitwarden docker, bitwarden password manager, ibraco, ibra corp, ibracorp unraid, ibracorp 6.9.1, ibracorp australia, ibracorp tutorials, password manager, bitwarden review, bitwarden totp, best password manager, free password manager, best password manager 2021, linux, keepass, lastpass, open source, self hosted, keepassxc, Nordpass
Id: cUDAwYhwr2w
Channel Id: undefined
Length: 28min 53sec (1733 seconds)
Published: Sun Jan 02 2022
Related Videos
VS Code-Server 2022 | Selfhosted Visual Studio + Extensions | Create, Edit, & Publish
IBRACORP
44K
BEST Password Manager 2024 | TOP provider revealed!
CyberNews
17K
Bitwarden Vs Vaultwarden: Review & Comparison
Pro Tech Show
31K
Passbolt - Why I Can't Recommend This Password Manager
DB Tech
15K
Homarr Is Here To Stay. Here's Why | Selfhosted Homepage
IBRACORP
38K
This is perhaps my favorite password manager for the terminal
Dreams of Code
132K
Let's Install: Vaultwarden with Docker and Cloudflare
Techdox
4.4K
Don't Be Another Data Breach Victim! Self-Host Your Own Password Manager with Vaultwarden
Jim's Garage
8.4K
Faster Logins with Passkeys | Bitwarden Passkey Tutorial
Jason Rebholz - TeachMeCyber
9.4K
Authentik - open source, self hosted authentication system with OIDC, SAML, and more...
Awesome Open Source
37K
Most PRIVATE Password Manager
NBTV (Naomi Brockwell TV)
211K
Password Managers: KeePassXC VS Bitwarden
Lawrence Systems
78K
Bitwarden vs KeepassXC - Which Is The Best Password Manager?
The Linux Cast
12K
Unmanic - Library Optimizer - Save Petabytes of Space & More
IBRACORP
34K
The Easiest (and MOST SECURE) Way to Log into Bitwarden
Jason Rebholz - TeachMeCyber
14K
Honest Bitwarden review | Is Bitwarden really the best there is...?
CyberNews
10K
Self hosted, open source password manager built for teams!
Christian Lempa
65K
Protect Your Privacy! Use Matrix: A Self-Hosted, E2E Encrypted, Alternative to WhatsApp and Signal
Jim's Garage
14K
How to Setup Self Hosted Bitwarden
Lawrence Systems
115K
Unraid 6.12: Review, Tips & Tricks | What We Learned
IBRACORP
27K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.