You are correct, and what the previous user suggested is absolutely terrible opsec. Also correct-battery-horse-staple doesn’t work nearly as well as claimed. Yes, I know, it’s shocking they the guy who makes 4 panel funny comics on the Internet didn’t actually invent a revolution in computer security. The reliance on common, easily spelled, easily memorized words significantly reduces the overall entropy level. But, more importantly, the biggest risk factor has always been password re-use. Passphrases still have to be either stored or remembered and trying to do that for every single component of our online lives is just insanity.

(Yes, Randall Munroe is a very smart guy who does a lot of great research for his comics, but in the end he is just making funnies on the Internet, not writing an academic paper for peer review).

For my money, just run vaultwarden. The biwarden code is all open source, if they do enshittify everything will get forked, and you’ll be running your own infrastructure anyway so you’ll be fine.