I started digging into opensource password managers and found that they all suck major ball sack. I ended up picking nothing. My two runner-ups were bitwarden. It works on Linux, Android, whatever apple’s shit runs on, and even runs on PC’s with the OS that you usually delete first thing. But the major drawback is that I can’t trust it. It’s got a “premium” version, and that has always meant a slow steady spiral into “you must pay now that we have you by the balls” situation. Another drawback is that it’s centralized, kill the company and so go your passwords I suppose.

The other runner up is called liso. This one comes with two major drawbacks. One is that is browser only so far. The other one is that it doesn’t work on Linux yet. Such a shit shit option. Everything else out there wants you to pay for encryption.

I did end up learning about pass on Linux. It creates encrypted passwords and there’s some compatibility with guis and maybe available on Android??? Big question mark. I’ve tried nothing yet. My password list seems to grow daily.

So what’s your favorite one?

    • Sr Estegosaurio@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      2 years ago

      Signal is far from being perfect. And I would love a decentralised (p2p/federated) chat protocol implementing the Signal protocol. At the time being their protocol is best, we may question their main server and some of their practices, but at the time being I couldn’t find anything better.

      SIgnal is just as bad as insecure western social medias.

      Hmmm… I don’t think so.

      Why do so many crypto bros favor Signal?

      I’m not a cryptobro. :c

      I’ll ask this again: Is age and signify battle tested?

      Their as not as old and extended as PGP but their are based on solid cryptography.

      • Amicese@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        edit-2
        2 years ago

        Did you read all of this page? It shows the alternatives. (Matrix, XMPP)

        Their as not as old and extended as PGP but their are based on solid cryptography.

        Explain.

        • Sr Estegosaurio@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          2 years ago

          I would not consider Matrix an alternatdve to Signal. The Matrix protocol is messy and I had a lot of " matrix moments™" (even with that I still use it and prefer it over Discord, or other glowy apps.). XMPP with omemo is great, no need for a phone number and decentralised. I like it.
          (I think that I heard somewhere about the signal protocol on XMPP or something like that. Which, in my opinion could be the best of both worlds.)

          Explain.

          What I mean is that obviusly is not as battle tested as PGP/GPG since is not that old and it’s not as spread as it, now. But PGP is extremely complicated, overextended, with terrible defaults and backwards compatability with some stuff from the stone age. The de facto implementation is also quite bad.

          As I still have to use PGP for some things (sadly) I use a better implementation: sequoia-pgp I reccomend it. https://sequoia-pgp.org

          • Amicese@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            2 years ago

            I would not consider Matrix an alternatdve to Signal. The Matrix protocol is messy and I had a lot of " matrix moments™"

            How is the matrix protocol messy? It had extraneous metadata, but it got removed in a version.

            Also, what is a “matrix moment”?

            XMPP with omemo is great, no need for a phone number and decentralised. I like it.

            Why not just use that then?

            What I mean is that obviusly is not as battle tested as PGP/GPG since is not that old and it’s not as spread as it, now.

            That’s a problem when choosing security tools. How do you know the reliability of the tool if it hasn’t been battle tested enough?

            But PGP is extremely complicated, overextended, with terrible defaults and backwards compatability with some stuff from the stone age.

            I would need to scan the GPG source code to try to understand your point, but I don’t have the time or will to do so.

            What terrible defaults though? GPG’s defaults seem fine to me. I might be missing stuff tho.