For context, in my password manager I had tried formatting some of my entrees so that it would contain the usual username and password, but instead of creating whole new entrees for the security questions for the same account, I just added additional fields in the same entree in order to keep things a little more tidy.
I was not expecting that doing so would result in later being shaken down by Proton to pay even more money just to access the same few bytes of fucking text I had trusted them with. This is sleazy as fuck and I am dropping these idiots entirely.
Your first point is debatable. You still have to trust them to be that secure, and you can’t verify that. If they are ever breached, it’s literally the worst case scenario. You can self-host their solution, but only in the enterprise tier (6$ per user per month). Also BitWarden is a target woth attacking, I am not. BitWarden hosts thousands of instances worthy of being attacked individually. A personal VaultWarden instance of “Mike and Molly Peterson” isn’t exactly an attractive target. I do think they are pretty secure, but a single mistake with these stakes can have immense consequences. LastPass was also breached repeatedly, with a similar buiseness model.
The second point about electricity wouldn’t be true in my particular case, as the server for self-hosting it is running anyway. Running VaultWarden or not doesn’t change the power usage noticably. Obviously this is different for someone who doesn’t just have a server at home running anyway.
Side note: I’m not actually running a personal VaultWarden instance, as my personal requirements are being met just fine with KeePass files. We do run an instance at work, but it isn’t world-accessible (internal access only).