Self-hosting Vaultwarden: a password manager you actually own

Every password you have sits in a vault somewhere. The question is whose vault. If you use a hosted password manager, the answer is "a company's" — and every so often the headlines remind us how that can go wrong.

There's another option: run the vault yourself, on your own server. The tool most people reach for is Vaultwarden, and it's more approachable than it sounds.

What Vaultwarden is

Vaultwarden is a lightweight, self-hosted password manager that speaks the same language as Bitwarden — which means you use the official Bitwarden apps and browser extensions you'd use anyway, except they talk to your server instead of someone else's.

And it's tiny. The official Bitwarden server is a heavy stack; Vaultwarden is a single small program written for exactly this job, happy to run on the cheapest server you can rent. Same vaults, same autofill, same apps on every device — just pointed at a box you control.

Why run your own

Three reasons people make the switch:

• Ownership. Your passwords live on hardware you rent and control, not inside a service that can change its terms, get breached, or simply disappear.
• Privacy. The vault never touches a third party. It's yours, end to end.
• Cost. No per-seat fees. Sharing with family or a small team — something hosted managers charge for — is just included.

For a lot of self-hosters, a password manager is the first thing they want to own, precisely because it's the most sensitive.

What it takes

A password manager is the one service where you don't cut corners. To run Vaultwarden properly you need:

• A server to run it on (a small one is plenty).
• Docker, the usual way Vaultwarden is packaged.
• A domain and HTTPS — non-negotiable. Bitwarden's apps refuse to connect over an insecure link, and rightly so: your vault must be reached over https://. (If that part is new, we wrote a guide on getting free HTTPS on your own server.)
• Backups you trust. This matters more here than anywhere else — the data is your passwords. Lose it without a backup and there's no reset link to save you.

None of these are exotic, but together they're the same wall of setup that stalls people on every self-hosting project.

The shortcut

This is exactly what Server Manager is built for. You connect your server, then ask for Vaultwarden in plain English. It deploys the container, points your domain at it, turns on HTTPS so the apps will connect, and sets up backups of the vault — the four things above, handled for you.

From there you open the Bitwarden app, point it at your own domain, and create your account. The vault is live, and it's yours.

Your passwords, your server

There's something fitting about the most private thing you own — the keys to everything else — living on a server that's actually yours. No company in the middle, no terms to accept, no breach notification to dread. Just your vault, on your box, reachable from every device, exactly as a password manager should be.

If you're newer to all this, our guide on what to do with a fresh server is a good place to start; the help guides go deeper when you're ready.