00:00:00Most people now think password managers are just another subscription you have to live
00:00:04with.
00:00:05I thought that too.
00:00:06Then I stop paying for one password, stop using NordPass, and move everything on to my M4 Pro.
00:00:13Now it's faster, fully private, and it costs me nothing.
00:00:16This is Vault Warden, the open source alternative to one password that will save you from paying
00:00:21another subscription.
00:00:22I'm going to show you how to set this up in your browser, and also how to integrate it
00:00:26right into your terminal to speed up your dev workflow.
00:00:34Now quick point on why all this even matters.
00:00:36Now if you're a developer, your password manager sits right in the middle of sort of everything
00:00:41we do.
00:00:42We have our logins, our tokens, your SSH keys, maybe two-factor codes, it's all right there.
00:00:47So when that tool is expensive, or you're locked into someone else's system, that can become
00:00:52a problem.
00:00:53What if something happens?
00:00:55Maybe password managers are easy, but we end up paying forever, and we're still relying
00:00:59on someone else's infrastructure.
00:01:01Bitwarden's official self-host works, but it's also heavier than most devs actually need.
00:01:06Vault Warden goes the opposite direction.
00:01:09It's a Rust-based re-implementation, it's lightweight, usually under 100MB of RAM, and it works with
00:01:15every Bitwarden app.
00:01:16You get full end-to-end encryption, CLI access for scripts and CI/CD, WebAuth, and YubiKey
00:01:23support.
00:01:24It's great on Apple Silicon, cause I'm running it here on the M4.
00:01:27Let me show you how fast this actually is.
00:01:29If you enjoy coding tools and tips like this, be sure to subscribe to the channel.
00:01:33We have videos coming out all the time.
00:01:36Now here is my entire setup.
00:01:38It's just one simple Docker Compose file with one container, a volume, and an admin token.
00:01:44Once I have all that, I just save the Dockerfile.
00:01:47I can then run Docker Compose up, and we're done.
00:01:50So already that's really quick.
00:01:52Anyone with basic Docker knowledge can do this right out of the box.
00:01:56Now I can open localhost on port 8080, I will create an account, and you've got your own
00:02:03vault running locally.
00:02:05Now let's just add a login here, just a dummy GitHub account for this purpose.
00:02:10And you can make a new login as expected, and even generate a random password right here,
00:02:14which is pretty cool.
00:02:16Now this is the web version.
00:02:18You don't need any special app or anything for this, it's all localhost.
00:02:22Now if I go and install the normal bitwarden Chrome browser extension, here it is.
00:02:28It's downloaded.
00:02:29I go to make an account, and I just set the environment to self-hosted.
00:02:34I return to the login page, and now I can use my actual username and password to log
00:02:38into that Chrome extension that we created on the web app.
00:02:42Autofill still works instantly, which is great, and I did all this really fast, and we are
00:02:47completely self-hosted now, which is really cool.
00:02:50If you want to jump into a CLI, you can log in with the bitwarden CLI and pull credentials
00:02:55directly, which means you can script secrets into your workflows.
00:03:00First off, I will brew install the bitwarden CLI, I'm on that Mac, right?
00:03:04Once that's done, I will just log in by saying bw login, type my email, enter my password,
00:03:10I'm done.
00:03:11Now that it's all set up to use, I can run bw unlock at any time, retype my password,
00:03:16and tell it what to do.
00:03:18For example, we have that github login, so if I run bw get password github, it returns
00:03:24the password we want from our vault warden.
00:03:28And I set this up in three ways, and you saw how fast this was.
00:03:31Super easy.
00:03:32Now let's put this into context.
00:03:34One password is great, but it's a closed ecosystem.
00:03:37Bitwarden cloud is great, but again, like one password, it's still this subscription service.
00:03:42Bitwarden self-hosted is great, it's powerful, but it's a lot heavier than we actually need.
00:03:47So vault warden is even better because it's lightweight, it's fast, and it's still free,
00:03:51and it works with all those bitwarden clients you already have.
00:03:55And the real difference here isn't just cost, it's more control.
00:03:59Your data never leaves your machine, there are no paywalls, and you don't have to learn
00:04:02a whole new system.
00:04:04That's why more and more devs are actually sticking with it.
00:04:07You set it up once, point your clients at it, and it just works in the background.
00:04:11So I liked it, but what are others actually saying about it?
00:04:14Well, like I've been saying, right?
00:04:15It's fast, especially on Apple Silicon, then it has full features paired with paid tools,
00:04:20so attachments, folders, organizations, two-factor, all are there.
00:04:24And also the CLI and API make it really easy to automate things, which is where it really
00:04:28starts to feel more like a dev tool.
00:04:31And the privacy, well, there's a lot more privacy.
00:04:34It's end-to-end encrypted, self-hosted, and fully under your control.
00:04:37Now if we flip the switch on all this, we are now responsible for updates and backups, which
00:04:43is a trade-off for control.
00:04:45Although Docker makes it pretty simple.
00:04:47There's no official mobile app, but you just use Bitwarden's app, and it works completely
00:04:51fine.
00:04:52It doesn't include anything advanced features like SCIM, but most of us don't need that anyways.
00:04:56So the downsides are there, but they're not a whole lot.
00:05:00And I'm pretty sure playing around with this more and more, either you or I are going to
00:05:03find something else we don't like about it.
00:05:05But for now, this is an awesome tool, and the fact that we have the CLI really allows us
00:05:10to integrate it.
00:05:11So is Vault Warden worth it?
00:05:12Well, if you're on something like an M4 Pro, easy yes.
00:05:14If you care about privacy, and you don't want subscriptions, also easy yes.
00:05:18If you're already using Docker, which I assume we all are for something, it makes a lot of
00:05:22sense, and it's super easy to set up.
00:05:24Even if you're new to self-hosting, this is one of the easiest places to start, because
00:05:28it's immediate.
00:05:29You save money, you keep control, and your day-to-day workflow stays smooth.
00:05:33Now if you want zero maintenance, and you're fine with paying these subscriptions, right?
00:05:37I mean, look, I use 1Password still.
00:05:40That's great.
00:05:41Bitwarden Cloud is still a better fit.
00:05:43I get it.
00:05:44If you want more control that's hard to beat, Vault Warden is a pretty cool match.
00:05:48If you enjoy open source tools like this and coding tips, be sure to subscribe to the Better
00:05:52Stack channel.
00:05:53We'll see you in another video.