Because, as usual, the actual info is hard to find: They looked at Bitwarden, LastPass, Dashlane, and 1Password (see https://zkae.io/)
As a user of https://www.passwordstore.org/ (GnuPG+Git, and I use a https://www.nitrokey.com/ and self-host the repo via https://forgejo.org/) I feel:
a) Overlooked b) Vindicated c) Quite safe
;-)
this… makes me want to host my own bitwarden instance, because it’ll be far less of a target than BW itself. Plus i wouldn’t expose it to the internet since I’m being NAT.
aaaand it’s up and running. since I wasn’t a paying member of BW, i got VW and checked out the breached passwords. I had like 8 passwords that were breached. So i went along and changed them. Anyway, I feel a bit safer now.
Well done. Vaultwarden is quite easy to selfhost.
I think I’ll be joining you I’ve been meaning to get around to that and this is as good a time as any.