Interesting idea, but why rotating? If it’s already split wouldn’t it suffice?
Rotating could be bad if one cloud provider is breached you only have to wait a few weeks to have all the puzzle, right?
You got the point :) As I'm stating in the Value proposition chapter, the catch is you have to "trust" Apple. Is this the best thing to do? Overall, no. But, may it help spreading the adoption of crypto (in general) and non-custodial wallets (in particular)? Maybe yes :)
The dark mode was a IAP present in one of the first version of the app (if you see the review should be at least 2-3 yo).
As many apps we then changed business model introducing a subscription to be sustainable (eg 1password et al). If an app is free it usually profits on your data or will eventually be abandoned.
And NOTE that it’s $9.99/YEAR, not month. I agree with you that $9.99/month would be out of this world.
Regarding Bitwarden: it is usually best practise to keep password and 2FA in different basket, otherwise once breached the single platform you lose both.
Regarding Authy: Twilio offers b2b services, it’s clear that it’s not making money over Authy, hence it’s rarely updated. It’s 2022 and did not feature Dark Mode yet for example. Moreover, it saves your data in their private servers, recently there has been a report saying they were breached and user’s data have been stolen.
I personally believe Sentinel is a more secure solution and full of feature with respect to Authy.
The page is currently hosted on GitHub pages, I'll check and reduce image sizes since they are likely too heavy!
Regarding Android, we are thinking about requesting a master password to encrypt the data locally in the device and then store the encrypted data on our servers. On the receiver device, the same master password should be inserted to decrypt.
This is to guarantee we won't have access to the data.
That being said, the standard will be always iCloud Keychain, but a user will be able to change this setting to include also Android devices in the syncing.
Hello Microflash, thanks for your question. I can only answer for Raivo, since at the moment Sentinel is not available for Android (Aegis) or Windows (Protecc).
What I can say is the following:
- as far as I know, Raivo uses iCloud, while Sentinel uses the iCloud Keychain (secured by Apple's encryption)
- Sentinel offers Folders to organize tokens
- Sentinel offers multiple themes and display modes
Apple Keychain is key-value storage, Obsidian stores tokens and backups under different keys to be able to avoid erroneous overwrites or key corruption.
Obviously if the whole keychain gets corrupted/wiped then there is no way to recover, but I find it unlikely, or at least never heard about it.
Hi Kevin, every time you make a change (ie add a new token, delete a token, rename a token) a snapshot is made and saved under the current date.
These snapshots are then stored always in the iCloud Keychian.
Anyway the Apple Keychain retain a local copy on the device, which means that even if in airplane mode Obsidian works by reading the local keychain.
I haven't been using Authy for years, last time I checked there was no easy way to export data from it (they want to keep you tieeeed!), but hopefully things have changed.
You would only need to edit/export the "secret" and copy/paste it to Obsidian, in case they allow it.
Yep, I can add that backups in Obsidian are automatically managed and stored on the iCloud Keychain, hence accessible just by using the app on any device