Well, there is the problem, isn't it? If people aren't willing to pay what amounts to a cup of coffee a month for a service they rely on daily, how are companies supposed to build a sustainable business without raising money?
> This doesn't worry me that much. In the event that incentives get skewed (which isn't certain), I guess I could just stop updating the app before that happens, or fork the last good version?
This is easily said, but remember you're talking about a security-sensitive application. Do you really trust yourself to keep your fork secure? I know it doesn't look like it on the surface, but password managers have become wickedly complex, especially if you require things such as shared vaults, audit logs, a zero-knowledge architecture etc. The reality is maintaining your own fork won't be feasible for the vast majority of users, even those with a technical background.
> Why should I trust you (and a product I've only just learned about)?
The simple answer is that you shouldn't. You should ALWAYS be sceptical, and look for possible indicators of a company heading down the path to the dark side. Like taking a 9-figure sum of VC money for example ;)
You're absolutely right. Of course there is no guarantee that whatever alternative you seek won't turn out the exact same way. But unfortunately all you can do to punish that kind of behaviour is to vote with your wallet and move somewhere else. And hope it'll turn out better this time... There ARE people out there who are trying to build a profitable, ethical business instead of chasing unsustainable growth. Unfortunately the only way to find out who they are is by giving them a chance...
If you're a Bitwarden user and this doesn't worry you, you haven't been paying attention to the history of almost every company that has accepted VC funds.
It doesn't matter how well intentioned the founders are - once you accept that kind of money, it's not your product anymore. You are now in the business of making money, nothing else, and those skewed incentives will start bleeding into their product and business practices sooner or later.
As a company, Bitwarden has been a huge role model for me, and I hope they'll be the exception to the rule. But $100M is a lot of money, and I simply can't imagine it having a net-positive effect on the company and product. But we'll see...
For anyone looking for a bootstrapped, open source alternative to Bitwarden, check out Padloc:
Allow me to plug my own product: https://padloc.app
The new version (currently in beta) has a "Family" plan which is perfect for this. We're also planning to introduce a "dead man's switch" feature that will grant access to selected family members or friends if you haven't logged into your account for a while. Shoot me an email at [email protected] if you're interested in signing up for the beta!
I don't understand why so many password managers go through so much trouble to implement auto-fill. This one has an interesting approach that seems to be slightly less intrusive than what, say, Lastpass is doing but I still don't really see the value outweighing the cost.
Yes, auto-fill - if implemented well - can add some convenience for the user but it usually adds a significant amount of complexity to the codebase and comes with some challenges regarding security. In fact, LastPass' autofill feature is/was the root cause of some very scary vulnerabilities[1].
Copy&paste is simple, broadly understood and supported in much the same way on every single platform. And in my experience, it's really not that much slower than auto-fill.
It seems to me that most password managers these days are to tick off a list of features rather than focussing on security and usability. Mind you, Secret 2 is definitely not the best example for this - I actually quite like the clean look and simple user interface. Still, it seems like most people nowadays are judging the value of a password manager by the number of features rather than, say, security.
<shameless-plug>Padlock[2] is a minimalist, open source password manager without auto-fill, browser-integration or any other 'advanced' features. We believe that when it comes to features, less is often more, and it seems there is plenty of people agree with us.</shameless-plug>
Thanks for adding some clarity here. Apparently I missed some of the finer details.
> What is served over the web?
There is a form for generating passwords right on the front page and it states nowhere that the browser extensions are the more secure / recommended way of using the tool.
Came here to point out the same concerns, basically. I'll add this:
5. Its seems like there is no user-specific secret in addition to the master password. If two users happen to use the same master password (which is definitely a possibility, especially with weak or easily memorizable passwords) they will basically have all the same passwords for every site!
6. Rotating your passwords regularly, at least for your highly sensitive accounts, is very important. With this approach, you can't change any one of your passwords without changing the whole lot (i.e. changing your master password) which simply isn't practical.
7. They serve the whole thing over the web, which, as has been pointed out many times over the web[1], is a bad idea.
Overall, its seems like they are looking for a overly simplistic solution for a complicated problem.
<shameless plug>Padlock[2] is a penetration-tested, open source password manager that, while using a battle-tested, 'conventional' encryption scheme for securing data, still tries to be forward thinking and to improve on the overall user experience of other password managers.</shameless plug>
Yeah, currently the only way to run it on desktop is through the Chrome app. A native, standalone desktop app for all major platforms will be released very soon, though.
What alarms me much more than the appearance of bad code quality is the fact that we have no direct way of checking what's actually going on under the hood and what impact it has on security. If there is one axiomatic requirement for the trustworthiness of a password manager, it's that it must be open source. That way people don't have to guess at the code quality from their use of file extensions. Lots of people seem to have a huge phobia of storing their passwords in the cloud and I have the feeling that the provenly poor security of Lastpass [1] has contributed significantly to this.
<shameless plug>Padlock[2] is a penetration-tested, open source alternative that also has a (open source!) cloud storage solution[3] that you can even deploy to your own server if you don't trust the official one. All of this based on zero-knowledge (the server has no way of acquiring your master password or reading any of your clear-text data). Disclaimer: I'm the main contributor.</shameless plug>
Yeah, maybe not the right forum to cover all of your questions in detail but here are a few bullet points (note: I cust came across bitwarden, too, so this is just from what I gathered from the website and the little time I've spent playing around with it):
Similarities:
- Open Source
- Cross Platform
- It appears to be possible to host your own server
Differences:
- As pointed out somewhere else, Bitwarden is very limited in what you can store. It seems to be primarily for storing website logins and does not offer any customisation options for storing other kinds of data. Padlock is much more flexible in that it allows you to add any number of fields to any given record.
- Apart from the mobile apps, the primary way to access your data seems to be the website served over https. This is a terrible idea for a ton of reasons and I could spent all day going into all of them but lets just say that there is simply no way to handle your data in a secure and private manner this way (either you have to do crypto client-side which is inherently insecure for a website served over the net or you have to do it server-side which means you have to send your master password to the server). By contrast the Padlock app, although based on web technologies (it's built with Polymer), is only available as a packaged (and code signed!) app for all platforms. This means that you can safely do client-side encryption without having to worry about the integrity of the source code. Padlock Cloud on the other hand is built on the principle of Zero-Knowledge, meaning no unencrypted sensitive data is ever sent to the server.
I could go on forever, but this will have to do for now. If you have any specific questions, let me know!
> You have copied LastPass, however LastPass isn't a good design to copy.
> I never liked LastPass because it's rigid on how you can store data. Surely username+password+ website is common enough, but give the user the opportunity to add custom fields. This is how KeePass and 1Password work, it's a proved design
I agree 100%. For an open source alternative that offers the same flexibility while still trying to be as easy to use as possible, check out https://padlock.io! (Disclaimer: I'm the author)