Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Right!? The hard part is integrating nicely with the OS, which is just not something that's in Electrons bag. The thing Electron "improves" for them is portability for the one thing that users really want to avoid interacting with. It's just such a confusing business decision in my eyes, and to be completely honest, part of the reason I'm looking at switching is literally that they are making a decision like this unprovoked when they have a great native app already, I just don't understand it and don't want to support a business making shit decisions like that.

Someone in this thread suggested Strongbox which looks very promising. I will stick with 1Password until they've decommissioned 7, and then make my decision whether to stay or not I think.



Agreed.

Porting an app as security sensitive as a secrets manager to a client with an attack surface of Electron seems just fundamentally dumb.


The new Mac app has a lot of OS-specific code for those nice integrations. Their new client is a mix of Rust, Electron UI and Swift with all secure processing and OS handoffs done in Rust and Swift.

No one owes 1Password anything but the engineering reviews often seem to miss what they're actually developing.


In Apple land you have Strongbox or Keepassium. Both are fine projects based on Keepass technology so you are basically safe and the developers are even in cool terms with themselves.


Looking around, on macOS there’s also MacPass[0] which looks decent (good enough that I could see myself contributing for the last few % of polish), and gnome-passwordsafe[1] looks reasonable on Linux (if a bit too mobile-y for a desktop app). The only notable hole in the platforms I use is Windows… perhaps it’s time to spin up a WinUI Keepass project.

[0]: https://github.com/MacPass/MacPass [1]: https://apps.gnome.org/app/org.gnome.PasswordSafe/


The issue I see with KeePass as an standard password format is that, afaik, it does not have the native concept of OTP which is critical these days. I understand some developers have come up with ways to store the needed information to generate the OTP in some of the metadata fields. But that does not guarantee OTP interoperability between different Keepass implementations accessing the same Keepass database.

For example, using MacPass I can access my KeePass DB managed by Strongbox from iCloud Drive but the OTP field seems to be opaque to MacPass, it does not know what to do with it.


Here's a +1 for Strongbox. It plays nicely with my Keepass/Dropbox sync setup. Been using it for a few years definitely worth the price.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: