Wonder what's the reasoning behind offering this Lite version. I don't imagine competing with Vaultwarden is very lucrative financially.
I mean, fair take, but sometimes more thoughtful and forward-looking companies aren't looking for fast return on investment.
It could be argued similarly for Valve that all their investment in Linux ecosystems and open source in general when Linux desktops account for just over 3% of all desktop installations while Windows sits comfortably at 70% of the desktop market, just isn't a lucrative investment.
While in the long-term it frees Valve from the restrictions of the Microsoft environment and from the risk that Microsoft would make it more and more difficult for Steam to integrate as they try to make their own game store and Game Pass the premiere gaming experience on Windows, those are future risks that are speculation, even though they are rational speculation.
Investing so deeply in open source isn't a lucrative thing for Valve to be doing, but they're looking at long-term goals.
In other words, I could see the goal here being something like protecting the Bitwarden brand and making sure more people are using their official client than unofficial with the goal of making it easy to use and enticing people into the general Bitwarden ecosystem long-term. Ten years from now, people who have been running Bitwarden Lite might have a lot more options for integration and paid services than people simply using Vaultwarden.
Is that lucrative? No, but it's still pursuing brand-name dominance and keeping people officially within their ecosystem as a way to grow userbase and give users more features (including paid ones) that may not be immediately available or easily integrated with Vaultwarden.
Forward-thinking venture-capital-funded companies are getting rarer, hence the question on motivation. Especially in the last few years, many VC-funded FOSS companies have squeezed harder the other way (Gitea, Terraform, Docker). So all kudos to Bitwarden for launching Lite.
What you say about brand dominance, or brand protection, makes a lot of sense. It's not a good look for them that a large number of people choose to use an unofficial implementation instead of theirs. And should there ever be a catastrophic security issue with Vaultwarden, it would still reflect badly on Bitwarden, as that kind of nuance (like "unofficial server-side implementation") tends to get lost in reporting. Having more IT workers self-host the official version probably also helps pave the way for bringing enterprise Bitwarden to companies.
Valve are a bit of a unicorn though, because they are privately owned. There's no investors demanding ROI the next quarter, which gives them freedom to think long term.
When Microsoft launched Windows 8 and the Microsoft Store, Valve took that as an existential threat to their whole business model (the Steam store). Valve feared that Microsoft was trying to position itself like Apple on iOS and Google on Android, where there is only one platform store, all apps are purchased through the platform store, and the platform store takes that sweet, sweet 30% cut. So Valve pivoted to ensure the Steam store would not be obsolete, and to give customers a reason to still use the Steam store.
And what they achieved is awesome, for Linux, for Valve and for gamers. But it took nearly a decade, which is a level of patience few companies have.
It could also be argued that what might have been a loss leader for Valve might just pay off as more and more disgruntled MS users are moving to Linux, and gaming on Linux has exploded despite the 3% market share.
It's probably not, but if all the system admins are using Vaultwarden at home, then they may consider using Vaultwarden at work, and that would cost Bitwarden money.
It’s a pretty normal model. You offer a free version to help make your product popular. People will use it at home and then at work they will gravitate to the thing they are familiar with. Small companies will start on the free version and eventually upgrade.
Yeah, it's a normal model, but Bitwarden is a bit special in that their original server-side implementation was enough of a pain to self-host on a small scale that an alternative implementation, Vaultwarden, was created. And Vaultwarden became very popular in self-hosted circles. And now, many years later, Bitwarden offers a Lite server which scales down. I think it's a good thing, just a bit unusual. I'm struggling to think of similar examples.
I'm sure Vaultwarden still funnels plenty of enterprise use of Bitwarden, since Vaultwarden users still use the official Bitwarden client.
I think it's nice they offer their own lite version.
Just because there is a more popular OSS solution doesn't mean they should be complacent and accept people will use Vaultwarden.
This shows they support their users directly instead of just letting their users fend for themselves.
They also could indirectly be blamed by some people using Vaultwarden should an issue arise with it.
By publishing the first party lite version they can say "well you're not using our supported version". While still being friendly to self-hosters.
They've been offering self-hosted options for years, and this is just another method that isn't much more work to put out. I don't think they care about Vaultwarden that much. I've been using the full self-hosted stack since 2019 at home.
Does anybody have any information on features / licensing?
Looks like it's basically a more lightweight self-hosting option with better db flexibility compared to the traditional deploy.
Based on the limited information available I assume it has the same feature-set as the old server and requires a license to unlock all features (e.g. TOTP support). For those comparing it to Vaultwarden.
I switched to Vaultwarden back when it was bitwarden_rs due to the crazy overdone Bitwarden Docker setup, and then started using some of the licensed features. I have a home organization that I use to share passwords with my family. So now I can't switch back to official Bitwarden (even Lite) unless they provide me a way to handle that.
I'm not opposed to paying them, but I am opposed to subscriptions for access to something I'm hosting on my own server. So a subscription license isn't happening. I don't see a reason to leave Vaultwarden at this point.
Compared to other subscriptions their family plan is very fair. IIRC they even allow commercial use (small companies).
But yeah, I get your sentiment. Still a good option if vendor support is important.
The Bitwarden family plan has been one of the best expenses (if you want to call it that, because it really isn't that expensive) in our family.
Seconded. My opinion is that if it's vital to my infrastructure or my family, I don't self-host it. Let someone else deal with patching/maintenance/uptime.
It's a lightweight self-hosted option for home and small businesses. Otherwise the licensing options are the same as in other self-hosted options.
I like Bitwarden for someone like my mom, but I have my KeePass setup with Syncthing and 2FA, and I'm beyond happy with that. Simple and effective.
Same here. I have my KeePass database set to read-only by default on my phone. I can override this, but it minimizes the risk of conflict, and I add new passwords on my desktop most of the time.
KeePass also supports merging new entries from a database. Helpful for paranoiacs like me, who don't let any other program touch the database, but are too lazy to not add an entry on the phone occasionally.
I came to Bitwarden because we needed to share passwords with my SO, and the way those replicate seamlessly on all our devices (desktop, laptop, iOS, Android) is a no-brainer. Since Bitwarden/Vaultwarden is fully self-hostable and open-source, I don't see why I would pass on its convenience.
I don't trust my setup for something like this.
My server and NAS go down in a fire, and I'm not gonna have the key I need to get the backup so I can restore my password manager lol
The nice thing about Bitwarden is that all vaults are locally saved on every device where you access it. So even if your NAS, server and whole house burn in a fire, you still have all the keys on your phone.
That's good: if at least one synced device survives, then you still have access. Still a big "if" in a catastrophe, but a much better proposition.
What is the data retention policy for the local vaults?
That is true for a single person, but in a multiple-person household that would mean that everyone needs to carry a copy of their vault with them. So this mechanism is no replacement for a solid backup of the server somewhere else…
You are missing the point; the original comment was about not having the keys to restore the (I assume) encrypted backups. With Bitwarden you can still access the vault even if the server is offline/lost. It's not a replacement for a backup strategy.
No? Everyone who uses the Bitwarden app or browser extension has a local copy of the database that is used for read operations. You can't disable this, so everyone who uses Bitwarden can still use their passwords even if the server dies.
Unless your phone also burns down together with the house, which is not unlikely.
What do you mean? If my house burns down, the chance that all my devices went up in flames is high. This is one of the reasons I'm not self-hosting Bitwarden.
You'd need a good backup somewhere. But that's the same for Bitwarden cloud. You cannot just assume it will never have issues.
No, my problem is that I need my password manager to access my backup, and I need my backup to get my password manager.
That is a bad setup then. Not an issue of the software or hardware.
Thanks for your useful and actionable feedback that clearly explains the problem. So trustworthy /s
Seriously though, this is what break-glass accounts are for. Create an account that can access your backups (preferably only the backup system) with a really long password and keep it offline in a safe place. Like a safe. Set up alerting if the break-glass account ever gets used.
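The alerting half of that advice, as an added example that is not from the thread: a small detector that scans OpenSSH auth-log lines and reports every login attempt (successful or failed) against the break-glass account. The account name `bg-restore` and the log lines are constructed for the example; on a real box you would feed it `/var/log/auth.log` or journald output.

```python
import re
from dataclasses import dataclass

# Hypothetical break-glass account name; pick your own, and keep it unique
# so that any appearance in the logs is unambiguous.
BREAK_GLASS_USER = "bg-restore"

# Constructed sample lines in OpenSSH syslog format (not from the post).
SAMPLE_AUTH_LOG = """\
Mar 10 08:12:01 nas sshd[2101]: Accepted publickey for alice from 192.168.1.20 port 51234 ssh2
Mar 10 08:15:44 nas sshd[2140]: Failed password for bg-restore from 203.0.113.9 port 40022 ssh2
Mar 10 08:15:50 nas sshd[2140]: Accepted password for bg-restore from 203.0.113.9 port 40022 ssh2
Mar 10 08:20:11 nas sshd[2150]: Failed password for invalid user admin from 198.51.100.7 port 4022 ssh2
Mar 10 09:00:03 nas sshd[2201]: Accepted publickey for alice from 192.168.1.20 port 51300 ssh2
"""

# Matches both "Accepted <method> for <user>" and "Failed <method> for [invalid user] <user>".
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port (?P<port>\d+)"
)


@dataclass
class Alert:
    timestamp: str
    host: str
    result: str   # "Accepted" or "Failed"
    method: str   # "password", "publickey", ...
    ip: str


def break_glass_events(log_text, user=BREAK_GLASS_USER):
    """Return one Alert per authentication event involving the break-glass user.

    Failed attempts are reported too: the account should never be touched
    outside a real emergency, so even a failure is a signal worth paging on.
    """
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["user"] != user:
            continue
        alerts.append(Alert(m["ts"], m["host"], m["result"], m["method"], m["ip"]))
    return alerts


if __name__ == "__main__":
    for a in break_glass_events(SAMPLE_AUTH_LOG):
        print(f"ALERT {a.timestamp} {a.host}: {a.result} {a.method} login for break-glass account from {a.ip}")
```

Wire the returned alerts into whatever already pages you (mail, ntfy, a chat webhook); the point is that the account name itself is the detection signature, so no tuning is needed.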
I had the same issue, which is why I don't self-host Bitwarden. If my house burned down the same day Bitwarden had a catastrophic outage I'd probably have issues, but that seems unlikely.
Probably worth storing the key in another place as well, like KeePass on your phone, or just print it out on paper and store it.
I can't say I particularly trust even Bitwarden's servers. I export Bitwarden passwords to a spreadsheet once a month and rsync it along with SSH keys to a USB key. Takes a couple minutes.