![]() An application being open source simply provides an audit log of the code and allows for "wisdom of the crowd" when it comes to bug and security issues. Second, you can still charge for a product and it be open source. The wider population doesn't care whether your application is proprietary or not - they just want something that works. First, "lots of people" seems like "lots of people" because we're on HN. ![]() > proprietary code is a deal break for lots of people So then who foots the bill? Password managers are the duct tape used to protect a user because we don't inherently trust application providers. Gonna check it out.> Because much like privacy, password security shouldn't always be only a premium option. Might have to try that, but the biggest issue is I don't have local access to my Nextcloud on my laptop, and the Linux version of keepass doesn't access cloud services to my knowledge.Įdit: I stand corrected, there is a Nextcloud Linux desktop app. ![]() I actually see now the new version of the app has support for Nextcloud, which I've got running on my NAS. I do have a local copy on my laptop (I access Google drive via Insync). I don't think a local copy is stored on my phone, thus my joke about Google drive going down. Not sure if this one still costs money, but I paid like $3 for it a few years ago: I did it this way for a while and never had a problem, but I can see how this would be an issue for the OP if he forgot to manually move his database file to whatever cloud service he uses. It sounds like he was manually moving it back and forth to/from his Google Drive, thus how he was ending up with mismatched copies (I suspect). and the person complaining about it is using the app that only edits a local file. There are two different keepass apps however. are a bit more obvious, and I think the google instant-upload functionality is more reliable than most third parties, so I'd just use that if you're fine with google having your pics. Resetting my phone would be a pain, but with those three saved (and replicated in several places) I don't really need to worry. None of this requires any management from me, I just configure those apps to save to the sync location and everything works more or less seamlessly. This automatically keeps my phone and my desktop/laptop in sync, so this includes my password manager file, my 2fa file, and my Signal backup. So my key stuff I keep in a specific folder on my phone and use a tool called syncthing: As such I just don't trust opaque data stores. Its been a while since I've had a google-only phone (I've used lineage in the past and calyxos more recently), but my recollection was that the google backups do usually work, but I also know its failed for me. You kind of have to balance between convenience and security based on your threat model, quite often too much security is just overkill and as a result inefficient use of your time. If there is a critically high risk of hackers actively trying to get your passwords then paper and pen might be a solution for you, though a password card would be even more secure because even if someone gets a physical access to it they wouldn't be able to figure out what your passwords are. I would recommend you to check out the Assesing Your Risks article from EFF and threat model your particular case. Although there is an alternative - you can switch to a special keyboard that pastes username/password without using such an insecure data storage as clipboard. Nothing will stop it and KeePass app developer can't do anything about it. ![]() > What's to stop an app from intercepting the copy / paste function and sending my login details somewhere? KeePass is probably the best solution in terms of convenience and security, which is why it is my personal favorite. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |