That's fair. Everyone has a different opinion. But I think it's always better to self-host Bitwarden than using the cloud service because then your passwords are stored in a place where you have full control of. Afaik if you use the official Bitwarden vault your passwords are stored on some Amazon servers.
Well, I work in the IT so I know some stuff about security in the digital world. But these systems (password managers in general) are built to be secure and not just tell every password they store without some security measures. Yes, I know there can be security holes, bugs and so on. But that's why these tools get thoroughly tested.
You always have to take risks in the world of computers. So what's the point? Being as secure as possible? Then better not even bother with password managers at all because they all can have security holes.
It's more about how much you trust a password manager and how much you trust yourself in how cautious you use it. The risk is always there.
Note: I do not recommending self-hosting bitwarden
Why not? I have my own instance running on my NAS and I love to have it self-hosted because this way I keep the passwords where I know nobody else can get them.
The only things I can imagine here are because they had a data breach where the attackers could see the traffic of users and aggressive advertising, which is tbh just annoying. That of course doesn't mean they're bad in terms of their user's privacy.
Mullvad has been visited by the police but Mullvad couldn't deliver them what they wanted because they don't keep data of their users. This is proof that they truly don't keep logs. This incident alone makes me personally prefer Mullvad over NordVPN.
I've read that there's no way around Google services if you use a WearOS watch. Not even MicroG is a solution. Anyway, the OP didn't mention what type of smartwatch he uses. So if it's not a WearOS smartwatch he should be fine I guess. :)
Afaik on Android smartwatches (and the OP said he uses a smartwatch) don't work (properly?) without the Wear OS app. And the Wear OS app doesn't work without Google services. This means the OP can't live without Google services at the moment.
I've watched half of the video and gotta say it all sounds very complicated. And since I don't know exactly what changes are made or options set back to default with that cleaner-script I decided to just get through every entry in the user-overrides.js provided. In hindsight this was a good idea because I know some of these changes in the settings would have broken stuff for me. Actually I didn't have to change a single option because my Firefox was already hardened enough. ;) At least I now know I'm good and have been good.
If you ask me then don't bother buying them. Why? Because typing in your password to unlock your DB is still possible and afaik it cannot be turned off. Adding Yubikeys as additional option adds comfort but it's an additional way for an intruder to unlock your DB. You want less options for an unauthorized person to unlock your DB for better security, not more.
True. That's why I use Aegis on my tablet which only generates tokens for my Bitwarden vault. All other tokens are generated inside my Bitwarden vault.
Even if you are able to self host Pi-hole or AGH, NextDNS is a great option because you can use it even when you're not at home. I use it on all of my mobile devices.