Vaultwarden is an unofficial, open-source server implementation of the Bitwarden Client API, written in Rust. It is designed to be compatible with official Bitwarden clients, including mobile, desktop, and browser extensions, allowing users to self-host their own password management infrastructure. Vaultwarden was formerly known as bitwarden_rs and was renamed to avoid confusion with the official Bitwarden server and to address trademark concerns.
The primary purpose of Vaultwarden is to provide a lightweight, resource-efficient alternative to the official Bitwarden server, which can be demanding in terms of system requirements. Vaultwarden is particularly well-suited for individuals, families, and small organizations who wish to maintain control over their password data and infrastructure without relying on third-party hosting. The project is not affiliated with Bitwarden, Inc., although one of its maintainers is employed by Bitwarden and contributes independently.
Vaultwarden offers a nearly complete implementation of the Bitwarden Client API, supporting a wide range of features. These include personal vault management, secure sharing through Send, file attachments, website icons, personal API keys, and comprehensive organization support. Organization features encompass collections, password sharing, member roles, groups, event logs, admin password reset, directory connector for syncing users, and security policies. Vaultwarden also supports multi-factor authentication methods such as authenticator apps, email, FIDO2 WebAuthn, YubiKey, and Duo, enhancing security for users. Emergency access functionality is available, allowing trusted contacts to access vaults in critical situations.
The server includes an admin backend for managing users and settings, and it bundles a modified Web Vault client for web-based access. Vaultwarden is built on the Rocket web framework, which supports TLS, but the recommended deployment method is behind a reverse proxy for enhanced security and flexibility. The project provides detailed documentation and a wiki to guide users through installation, configuration, and usage. Container images are published to popular registries such as GitHub Container Registry, Docker Hub, and Quay.io, making deployment straightforward via Docker, Podman, or Docker Compose. Community-driven packages are also available, though they may lag behind official releases.
Vaultwarden emphasizes serving the Web Vault over HTTPS: the Web Vault performs its client-side encryption with the Web Crypto API, which browsers expose only in secure contexts. Users are encouraged to perform regular backups to mitigate the risk of data loss, as the maintainers cannot be held liable for lost data. The project has an active community, with support available through Matrix chat, GitHub Discussions, and Discourse forums. Bug reports and feature suggestions are handled directly by the Vaultwarden team, and users are advised not to use official Bitwarden support channels for Vaultwarden-related issues.
Overall, Vaultwarden provides a robust, flexible, and efficient solution for self-hosted password management, maintaining compatibility with Bitwarden clients while focusing on ease of deployment and community-driven development. Its feature set and active support make it a popular choice for those seeking privacy and control over their password data without the overhead of the official Bitwarden server.