keepassxc
ios-application
keepassxc | ios-application | |
---|---|---|
525 | 78 | |
19,789 | 944 | |
2.7% | -5.5% | |
9.1 | 5.2 | |
1 day ago | 14 days ago | |
C++ | Swift | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
keepassxc
-
Safari 18 will automatically transition users to passkeys [video]
Here's a great github discussion about passkey plaintext exports.
Apparently, the FIDO alliance is considering adding an attestation feature that would allow websites to block various passkey implementations:
https://github.com/keepassxreboot/keepassxc/issues/10407#iss...
e.g., they could block ones that allow exports, or they could block ones that are FOSS. To their credit, it looks like Apple's throwing their weight around to prevent such blocking from being technically possible.
The more I hear about this standard, the more concerned I become.
- Debian removes KeePassXC browser integration
-
The new APT 3.0 solver
https://github.com/keepassxreboot/keepassxc/issues/10725
-
KeePassXC Debian maintainer has removed all network features
>UPSTREAM THEMSELVES decided not to include in default/recommended build instructions
This is false, or at the very least misleading. It doesn't take much to go on the repository and give a closer look instead of repeating "what other said". Kwpolska already wrote it in this thread, -DWITH_XC_ALL (the flag that's been turned OFF in the original Debian package rules) is explicitly called in the build instructions, and not only there but also one release tool [1] and snap config [2]. This is merely how the project manages its build configuration, with specific flags turned off and one master toggle enabled by default (or expected to be passed to cmake/bash release tool). Same thing for the ppa packaging. [3]
0. https://github.com/keepassxreboot/keepassxc/blob/develop/INS...
1. https://github.com/keepassxreboot/keepassxc/blob/da90319d2d0...
2. https://github.com/keepassxreboot/keepassxc/blob/da90319d2d0...
3. https://github.com/keepassxreboot/keepassxc-packaging/blob/9...
- Debian Sid No-Feature KeePassXC Package
- Passkey Implementation: Misconceptions, pitfalls and unknown unknowns
- KeePassXC Issue: [Passkeys] should never be exported in clear text
- Authy to sunset EOL end of March 19, 2024 (originally August 2024)
-
I Stopped Using Passwords. It's Great–and a Total Mess
KeepassXC supports exporting, but i don't think it is released in a stable version / to the public yet:
https://github.com/keepassxreboot/keepassxc/pull/8825
-
Ask HN: Best Password Manager without cloud login?
If you use KeePass, make sure you use the KeePassXC variant. KeePass is dead.
https://keepassxc.org/
ios-application
- Mobime (Raivo Authenticator) paywalls/deletes all users' 2FA/OTP data
-
Raivo OTP just deleted all tokens after update and is now asking for money
Only that the app was never really under open source license, at least not since 2019. It used to be under CC BY-NC 4.0 but then it changed to a "source available" type of status [0], where any modification, redistribution etc was prohibited. The previous author explained "Unfortunately I had to apply these restrictions in the license, as people started to redistribute my app to the appstore" [1]. I do not judge the fact of stopping open sourcing it, but he did not stop advertising it as "open source". Even now, that the source code is not even available any more, its website calls it "open source" [2].
[0] https://github.com/raivo-otp/ios-application/commit/03791edd...
[1] https://opensource.stackexchange.com/a/13801
[2] https://raivo-otp.com/
- RaivoOTP 2FA app sold. Latest update removes access to existing TOTP tokens
-
End of Life for Twilio Authy Desktop App
I use open source Raivo OTP [1] on iOS and then on my computers with Apple Silicon I use the same iOS app instead of their desktop because it sinks better.
[1] https://raivo-otp.com/
- PSA: The open source Raivo multi-factor authenticator announced they were acquired by "Mobime"
-
Ask HN: How do you deal with TOTP 2-factor auth?
Raivo is another option on iOS.
https://github.com/raivo-otp/ios-application
-
Ask HN: If a password manager stores your 2FA token is it still 2FA?
It's redundant having the two together. I suppose it still has the nicety of 'unphishable logins'. Personally though, I have a separate KeepassXC DB with all my 2FA stuff there. I use the Raivo OTP[0] app for TOTP. I would only open my 2FA DB when trying to recover a lost/damaged/stolen device with my Raivo OTP creds in it.
[0] https://raivo-otp.com/
- [HELP] Uploading Raivo OTP Icons
- Feltörték a Facebook fiòkom, történt már veletek ilyen?
- Google Authenticator Synchronisation sinnvoll?
What are some alternatives?
KeePassDX - Lightweight vault and password manager for Android, KeePassDX allows editing encrypted data in a single file in KeePass format and fill in the forms in a secure way.
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
KeePass2.x - unofficial mirror of KeePass2.x source code
NewPipe - A fork of NewPipe with SponsorBlock functionality.
vaultwarden - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
Strongbox - A KeePass/Password Safe Client for iOS and OS X
Tofu - An easy-to-use two-factor authentication app for iOS
MacPass - A native macOS KeePass client
google-authenticator - Open source version of Google Authenticator (except the Android app)