When using a commercial, cloud-based password manager like Keeper or Bitwarden, have you ever considered what would happen if your vault suddenly vanished? What would be your backup strategy in that scenario? This isn't about self-hosted options like KeePass or Vaultwarden; I'm specifically asking for those using SaaS password managers. Think about potential disasters: what if your master account gets hacked, or your service provider decides to terminate your account without any chance of recovery? Essentially, the adage 'two is one, and one is none' applies here, so I'd love to hear your thoughts on backups!
5 Answers
I back up to an encrypted USB drive and keep it tucked away in our datacenter. The passwords for both the USB and the safe are stored in a safety deposit box just in case something goes wrong with our password manager.
We utilize Bitwarden-cli to back up to an encrypted SMB share on our QNAP setup. It's not perfect, but without it, losing access to our vault would create major problems.
In the enterprise vaults I've worked with, they usually come with options for local replicas, which can really help in these situations.
I keep a couple of encrypted thumb drives for backups. I make a monthly backup and rotate them, with one drive secured in a safe. It feels much safer that way!
Totally agree! Monthly backups stored in an encrypted drive that's kept in a safe is the way to go.
We have a realtor lockbox in our CoLo that holds a thumb drive encrypted with Bitlocker. Access to the CoLo is protected by a retinal scan, and our rack is locked with a combination. We do an annual backup of shared records, but with all the new entries lately, I might push for quarterly backups to stay ahead.
I once saw someone backup their vault to an encrypted drive but stored the encryption password in the vault itself! They didn't realize it until I pointed it out, which was pretty amusing (and a simple fix)!