Vaultwarden Service #6
Labels
No labels
Good First Issue
Help Wanted
Infra
Code
Infra
Email
Infra
Matrix
Infra
Other
Infra
SSO
Infra
Wiki
Kind
Bug
Kind/Documentation
Kind
Enhancement
Needs Info
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Reviewed
Confirmed
Reviewed
Duplicate
Reviewed
Invalid
Security
Status
Abandoned
Status
Blocked
Status
Won't Fix
Testing
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
nether/meta#6
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Given that we're gradually transitioning our userbase to matrix, users are going to need a secure place to store their security keys. I keep encouraging our users to use a password manager, so why not offer our own?
Findings relevant to this in #21: Vaultwarden OIDC SSO is upstream now (wire to Authentik), but the master password remains architecturally required — zero-knowledge means SSO authenticates while the vault key never reaches the server. That's a feature for us: infrastructure compromise can't open vaults. Open items before rollout (tracked in #21): emergency-access/recovery story, since a forgotten master password is an unrecoverable vault.