Right now, I’m using Bitwarden’s official instance, and I am bothered that I have to use Google’s Authenticator app separately for TOTP. Yes, there’s also Aegis and 2FAS, but I have no idea about WebDAV servers and also don’t want to rely on Google Drive for backup, also because I’m moving away from Google services.

I’m planning to run Vaultwarden on a free instance of render.com, and I wanted to know if this was a good idea? Has anyone over here tried this?

What would happen if Render changes their plans and I lose access to the database? Will I still have access to the last-stored cache on my browser extension and mobile phone? And since I’m running a Rust infrastructure, would it use less of the free plan bandwidth that Render assigns?

Do I also need to purchase a domain? Or can I access the app with Render-affixed URL?

  • OminousOrange@lemmy.ca
    link
    fedilink
    arrow-up
    17
    arrow-down
    1
    ·
    1 year ago

    If your issue is with the authenticator, then why not just switch authenticators? I’ve been quite happy with Authy over the years.

    Sure, self hosting can be more secure, but if it’s not on your own hardware, I don’t see how moving to render is better. You’re still using a third party to host your most sensitive information.

    • namnnumbr@lemmy.ml
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      Authy is lovely in that it just works, but it is hellacious to migrate off of if you change your mind.

      I also don’t love that Authy is owned by Twilio, a communications/marketing service company.

    • meseek #2982@lemmy.ca
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      This was my thought too. Why are you using Google Authenticator? It’s my understanding that it’s only required to use 2FA with Google specifically because, like Apple, they use their own system.

      Just grab any authenticator, like Authy. Problem solved.

    • Onihikage@beehaw.org
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Authy is pretty bad. They had a data breach that exposed users, they make it really hard to migrate your secrets to another app (God help you if you lose your phone), and they’re completely closed source.

      The best option is probably Aegis Authenticator, but at least do a cursory search for “[authenticator name] controversy” before choosing an authenticator.

      • OminousOrange@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Thanks for the recommendation. I’ll look into transitioning to Aegis. Regarding backups, you are able to have another device in case you lose your phone (I also have Authy on my laptop in case that does happen), but the data breach you mentioned said that may have been a weak point. Either way, I’m going to explore Aegis now.