With keycloak you can have a single local password to all your selfhosted apps: you sign in to keycloak, then you sso into everything else from there. I’m building that out on my homelab right now, and it’s working fine.

FYI these vulns were all patched. Source: saw this talk yesterday.

Yeah, it sounds like the real problem is lack of off-site backups. Bad password policies will certainly make it easier for ransomware gangs, but they’re not the only thing that has to go wrong.

https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/