4

I think I've just fallen in love with 1Password

Locally synchronized vault, command line integration AND the desktop app is written in Rust?
Hooo boy

Comments
  • 1
    It's gets even better with teams. I use it for dev team password distribution, expanding to QA soon.
  • 1
    @PublicByte
    That's a bit paranoid. They never have access to the unencrypted values, or the three part key they use to secure the records. They only transmit encrypted values.

    That said, I prefer bitwarden for open source options. Has multiple-device sync, integrations with web browsers in addition to a desktop app.
  • 0
    @PublicByte
    FUD that has 0 relevance to the topic. Keepass won't save you if you have a backdoor in your local hardware.
  • 0
    @SortOfTested @PublicByte I was considering selfhosting Bitwarden but I'm one of those guys that can't do without a perfect, beautiful, seamless experience
  • 0
    I'm using Bitwarden and it's amazing
  • 0
    @12bitfloat BitWarden is pretty much seamless though.
  • 2
    @SortOfTested How on earth would this be paranoid? I find it rather logical to not put my access details in an application which can't be publicly reviewed and verified for vulnerabilities and such.

    And especially when it comes to proprietary cloud services which are located in countries of the five-eyes alliance... (1password seems to be from Canada which is a part of this)
  • 1
    @linuxxx
    It makes the same assumption about the competency, quality, veracity and motivation of all individuals in the open source community as it does about the incompetence and implicit collusion of private industry and professional users in government funded black bag cyber warfare.

    That's before getting into the implication that no one gave a thought to doing any form of analysis before using the service.
  • 0
    @SortOfTested I don't agree with the second part but I don't get what you're trying to say with the first, mind elaborating?
  • 0
    @linuxxx
    Not particularly. If we disagree on the second part, we'll disagree on the first part and will just have to agree to disagree.
  • 3
    @SortOfTested My only point is that I have a very hard time trusting a service which is mostly proprietary and in the jurisdiction of an alliance of mass surveillance countries.

    When it comes to highly sensitive data, I'd never trust such a company. Not just from my open source views but mostly from my (both professional and personal) cybersecurity perspective.
Add Comment